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1.  The  Formal  Syntax 

The  theory  with  which  the  theorem  prover  deals  is  presented  in  this  and  the  next  two  Sections.  This 
account  supercedes  and  makes  obsolete  all  previous  accounts. 


logical  theory  consists  of  a  language,  some  axioms  or  axiom  schemas,  and  some  rules  of  inference. 
However,  in  developing  the  proofs  of  interesting  theorems  it  is  often  necessary  to  introduce  axioms 
defining  new  concepts  and  operations.  Logically  speaking,  the  main  results  and  all  of  the  lemmas  along 
the  way  are  proved  in  the  final  theory.  But  practically  speaking,  the  theory  in  which  one  is  working 
■evolves  as  time  goes  by.* 

-_>To  accomodate  the  practical  view  of  the  situation  we  provide  several  'extension  principles*  by  which 
the  user  of  the  theory  can  add  new  axioms  of  a  particularly  constructive  sort.  Among  these  principles  is 
the  'shell  principle,*  which  permits  the  axiomatization  of  a  *new*  type  of  inductively  constructed  object, 
and  the  *definitionaI  principle,*  which  permits  the  introduction  of  an  equation  defining  a  recursive 
function.  These  extension  principles  can  be  considered  as  rules  of  inference  since  they  permit  one  to 
deduce  that  certain  formulas  are  theorems. 

Our  presentation  of  the  theory  is  organized  as  follows. 

*;  ' 

In  this  Section  Vk  present  the  formal  syntax  of  our  logic.  This  syntax  is  extremely  simple  ard  is  not  the 
syntax  implemented  in  the  theorem-prover.  We  then  develop  a  large  number  of  syntactic  conventions 
used  to  describe  the  axioms  and  rules  of  inference,  p 

In  the  next  Section  we  present  the  axioms  and  the  rules  of  inference. 

^Once  we  have  completed  the  formal  development  of  the  logic  we  turn,  in  Section 
IMPLEMENTEDSYNTAX,  to  a  description  of  the  implemented  syntax. 


1.1.  Syntax 

The  variables  and  function  symbols  of  our  language  are  taken  from  the  set  of  'symbols*  defined  below. 

A  sequence  of  characters,  s,  is  a  symbol  if  and  only  if  (i)  s  is  nonempty,  (ii)  each  character  in  s  is  a 
member  of  the  set: 

(ABCDEFGHI  JKLMNOPQRSTUVVXYZ 
0123486789 
-> 

(iii)  the  first  character  of  s  is  not  a  digit  or  hyphen. 

Examples:  PLUS,  ADDl,  X,  and  PRIME-FACTORS  are  symbols  and  thus  are  also  variable  symbols  and 
function  symbols.  A/B,  123,  and  1AB  are  not. 

Associated  with  every  function  symbol  is  a  nonnegative  integer  called  the  arity  of  the  symbol.  The  arity 
indicates  how  many  argument  terms  must  follow  each  application  of  the  function  symbol.  The  arity  of 
each  primitive  function  symbol  is  given  in  the  table  below.  We  also  include  brief  descriptive  comments  in 
the  hopes  that  they  will  make  subsequent  examples  more  meaningful, 
symbol  arity  consent 

ADDl  1  successor  function  for  natural  numbers 

AD0-7D-SET  2  adds  an  element  to  a  list  If  not  present 

AND  2  logical  and 

APPEND  2  list  concatenation 
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APPLY 

2 

application  of  function  to  arguments 

ARITY 

1 

number  of  arguments  expected  by  function 

CAR 

1 

first  component  of  ordered  pair 

OR 

1 

second  component  of  ordered  pair 

CONS 

2 

constructs  ordered  pairs 

COUNT 

1 

size  of  a  shell  object 

DIFFERENCE 

2 

difference  of  two  natural  numbers 

EQUAL 

2 

equality  predicate 

FALSE 

0 

false  object 

FALSE? 

1 

predicate  for  recognizing  FALSE 

FIX 

1 

coerces  argument  to  0  If  not  numeric 

FOR 

6 

general  purpose  quantifier 

GEQ 

2 

greater  than  or  equal  on  natural  numbers 

GREATER? 

2 

greater  than  on  natural  numbers 

IF 

3 

lf-then-else 

IMPLIES 

2 

logical  implication 

INTER? 

3 

subroutine  of  INTERPRET 

INTERPRET 

2 

evaluates  tame  forms  in  the  logic 

INTERPRET-LIST 

2 

evaluates  a  list  of  tame  forms 

LAST 

1 

last  QDR  of  an  object 

LENGTH 

1 

length  of  a  list 

LEQ 

2 

less  than  or  equal  on  natural  numbers 

LESSP 

2 

less  than  on  natural  numbers 

LISTP 

1 

recognizes  ordered  pairs 

LITATOM 

1 

recognizes  literal  atoms 

LOCKUP 

2 

looks  up  value  of  atom  In  allst 

MAX 

2 

maximum  of  two  natural  numbers 

MEMBER 

2 

membership  predicate 

MINUS 

1 

constructs  negative  of  a  natural  number 

NEGATIVE? 

1 

recognizes  negatives 

NEGATIVE-GUTS 

1 

absolute  value  of  a  negative 

NLISTP 

1 

negation  of  LISTP 

MOT 

1 

logical  negation 

NUMBERP 

1 

recognizes  natural  numbers 

OR 

2 

logical  or 

ORDINAL? 

1 

recognizes  ordinals 

ORDP 

1 

a  subfunction  of  ORDINAL? 

ORD-LESSP 

2 

less  than  on  ordinals  up  to  epsilon,, 

PACK 

1 

constructs  a  literal  atom  from  print  name 

PLUS 

2 

sum  of  two  natural  numbers 

QUANTIFIER-INITIAL-VALUE 

1  Initial  value  of  a  quantlfer 

QUANTIFIER-OPERATION 

3  operation  performed  by  quantifier 


QUOTIENT 

2 

natural  quotient  of  two  natural  numbers 

REMAINDER 

2 

mod 

SUB1 

1 

predecessor  function  on  natural  numbers 

TAME-FORMP 

1 

subroutine  of  INTER? 

TIMES 

2 

product  of  two  natural  numbers 

TRUE 

0 

true  object 

TRUE? 

1 

recognizes  TRUE 

SUBSETP 

2 

subset  predicate 

UNDE? 

1 

subroutine  of  INTERP 

UNION 

2 

union  of  two  lists 

UNPACK 

1 

explodes  lltatom  into  print  name 

ZERO 

0 

0 

ZERGP 

1 

recognizes  0  and  non-natural  numbers 

The  arity  of  each  user-introduced  function  symbol  is  declared  when  the  symbol  is  first  used  as  a  function 
symbol. 

A  term  is  either  a  variable  symbol  or  else  is  a  sequence  consisting  of  a  function  symbol  of  arity  n 
followed  by  n  terms.  We  enclose  non-variable  terms  in  parentheses. 


Examples:  The  following  are  terms: 

(ZERO) 

CADD1  X) 

(PLUS  (ADD1  X)  (ZERO)) 

(IF  B 

(ZERO) 

(ADD1  X)) 

We  present  our  axioms  as  formulas  in  the  familiar  syntax  of  propositional  calculus  with  equality. 

1.2.  Syntactic  Concepts 

To  talk  about  terms,  it  is  convenient  to  use  so-called  'metavariables*  that  are  understood  by  the  reader 
to  stand  for  certain  variables,  function  symbols,  or  terms.  In  this  document  we  use  lower  case  words  to 
denote  metavariables. 

Example:  If  f  denotes  the  function  symbol  PLUS,  and  t  denotes  the  term  (ADDl  Y),  then  (f  t  X)  denotes 
the  term  (PLUS  (ADDl  Y)  X). 

If  i  is  an  integer,  then  by  an  abuse  of  notation  we  let  Xi  denote  the  variable  whose  first  character  is  X 
and  whose  other  characters  are  the  decimal  representation  of  i. 

Example:  If  i  is  4,  Xi  is  the  variable  symbol  XI. 

A  term  t  is  a  call  of  fn  with  arguments  a, . an  iff  t  has  the  form  (fn  a,  ...  aQ). 

If  a  term  t  is  a  call  of  fn  we  say  fn  is  the  tog  function  symbol  of  t.  A  function  symbol  fn  is  called  in  a 
term  t  iff  either  t  is  a  call  of  fn  or  t  is  a  nonvariable  term  and  fn  is  called  in  an  argument  of  t.  The 
subterms  of  a  term  t  is  (t)  if  t  is  a  variable  symbol  and  otherwise  is  the  union  of  {t}  together  with  the 
union  of  the  subterms  of  the  arguments  of  t.  The  variables  of  a  term  t  is  the  set  of  variable  subterms  of 
t. 

Example:  The  term  (PLUS  X  Y)  is  a  call  of  PLUS  with  arguments  X  and  Y.  PLUS  is  called  in  (IF  A 
(PLUS  X  Y)  B).  The  set  of  subterms  of  (PLUS  X  Y)  is  {(PLUS  X  Y),  X,  Y}.  The  set  of  variables  of 
(PLUS  X  Y)  is  {X  Y}. 

A  finite  set  s  of  ordered  pairs  is  said  to  be  a  substitution  provided  that  for  each  ordered  pair  <v,t>  in 
s,  v  is  a  variable,  t  is  a  term  and  no  other  member  of  s  has  v  as  its  first  component.  The  result  of 
substituting  a  substitution  s  into  a  term  p  (denoted  p/s)  is  the  term  obtained  by  simultaneously  replacing, 
for  each  <v,t>  in  s,  each  occurrence  of  v  as  a  variable  in  p  with  t.  We  sometimes  say  p/s  is  the  result  of 
instantiating  p  with  s.  We  say  that  a  term  p'  is  an  instance  of  p  if  there  is  a  substitution  s  such  that  p'  is 
p/s. 

Example:  If  s  is  (<X,(ADD1  Y)>  <Y,Z>  <G,FOO>}  then  s  is  a  substitution.  If  p  is  the  term 

(PLUS  X  (GY  X)) 
then  p/s  is  the  term 

(PLUS  (ADDl  Y)  (G  Z  (ADDl  Y)))  . 

Note  that  even  though  the  substitution  contains  the  pair  <G,FOO>  the  occurrence  of  G  in  p  was  not 
replaced  by  FOO  since  G  does  not  occur  as  a  variable  in  p. 
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We  adopt  the  notations!  convention  of  sometimes  writing  a  term  where  a  formula  is  expected  (e.g.,  we 
may  refer  to  the  'theorem*  p,  where  p  is  a  term).  When  we  write  a  term  p  where  a  formula  is  expected, 
it  is  an  abbreviation  for  the  formula  pjt (FALSE). 

If  a  term  p  is  a  theorem,  then  by  the  rule  of  instantiation,  the  result  of  substituting  any  substitution  into 
p  is  a  theorem. 

We  use  the  symbols  T  and  F  as  abbreviations  for  the  terms  (TRUE)  and  (FALSE),  respectively.  We  do 
not  use  T  and  F  as  variable  symbols. 

We  say  term  t  is  the  nth  CDR  nest  around  the  term  x  iff  n  is  a  natural  number  and  either  (i)  n  is  0  and 
t  is  x  or  (ii)  n>0  and  t  is  (CDR  t’)  where  t'  is  the  n-lst  CDR  nest  around  x.  When  we  write  (CDRn  x) 
where  a  term  is  expected  it  is  an  abbreviation  for  the  nth  CDR  nest  around  x. 

Example:  (CDR2  A)  is  (CDR  (CDR  A)). 

We  say  t  is  the  fn  nest  around  b  for  s  iff  t  and  b  are  terms,  fn  is  a  function  symbol  of  arity  2,  s  is  a 
finite  sequence  of  terms,  and  either  (i)  s  is  empty  and  t  is  b  or  (ii)  s  is  not  empty  and  t  is  (fn  t,  t2)  where 
t,  is  the  first  element  of  s  and  t2  is  the  fn  nest  around  b  for  the  remaining  elements  of  s.  When  we  write 
(fn  tj  ...  tn)Qb  where  a  term  is  expected  it  is  an  abbreviation  for  the  fn  nest  around  b  for  t,,  ...,  tQ. 

Examples:  The  OR  nest  around  F  for  A,  B,  and  C  is  the  term  (OR  A  (OR  B  (OR  C  F))),  which  may 
also  be  written  (OR  A  B  C)QF. 

The  basic  axioms  are  the  axioms  and  definitions  in  Section  THEORY. 

Formula  t  can  be  proved  directly  from  a  set  of  axioms  A  if  and  only  if  t  may  be  derived  from  the 
axioms  in  A  by  applying  the  following  rules  of  inference: 

e  the  propositional  calculus  with  equality  and  function  symbols; 

e  the  rule  of  inference  that  any  instance  of  a  theorem  is  a  theorem;  and 

•  the  principle  of  induction  as  stated  in  subsection  INDUCTION. 

There  are  five  kinds  of  axiomatic  acts:  (a)  an  application  of  the  shell  principle  (subsection  SHELLS),  (b) 
an  application  of  the  principle  of  definition  (subsection  DEFNS),  (c)  an  application  of  the  reflection 
principle  (subsection  REFLECT),  (d)  the  declaration  of  a  *new*  function  symbol  (subsection  DCL),  and  (e) 
the  addition  of  an  arbitrary  formula  as  an  axiom. 

Each  such  act  adds  a  set  of  axioms.  The  axioms  added  by  an  application  of  the  first  four  acts  are 
described  in  the  relevant  subsections.  The  axioms  added  by  the  addition  of  an  arbitrary  formula  is  the 
singleton  set  consisting  of  the  formula. 

A  history  h  is  a  finite  sequence  of  axiomatic  acts  such  that  either  (i)  h  is  empty  or  (ii)  b  is  obtained  by 
concatenating  to  the  end  of  a  history  h'  an  axiomatic  act  that  is  'admissible*  under  h’.  An  arbitrary 
axiom  is  admissible  under  any  h'.  The  specification  of  the  shell,  definitional,  reflection,  and  declaration 
principles  define  'admissiblity*  in  those  instances. 

The  axioms  of  a  history  b  is  the  union  of  the  basic  axioms  together  with  the  union  of  the  axioms  added 
by  each  act  in  h. 

A  function  symbol  fn  is  new  in  a  history  h  iff  fn  is  called  in  no  axiom  of  h.  A  term  t  is  old  in  a  history  h 
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iff  bo  fuactioo  symbol  called  is  t  is  sew  io  h. 

The  axiomatic  act  of  adding  a  shell,  if  admissible,  adds  a  set  of  axioms  that  describe  a  •new*  inductively 
constructed  data  type.  Each  application  names  a  'constructor*  function  symbol,  a  *recognizer*  function 
symbol,  and  some  'accessors.*  In  addition,  the  application  may  optionally  name  a  'bottom*  function 
symbol.  To  describe  the  admissibility  criteria  and  the  axioms  added  we  make  the  following  conventions. 

The  constructor  function  symbols  of  a  history  h  is  the  union  of  {ADDl  CONS  PACK  MINUS}  and  the 
set  of  function  symbols  consisting  exactly  of  the  constructor  function  symbol  of  every  application  of  the 
shell  principle  in  h.  The  recognizer  function  symbols  of  a  history  h  is  union  of  {TRUEP  FALSEP 
NUMBERP  LISTP  LIT  ATOM  NEGATIVEP}  and  the  set  consisting  exactly  of  the  recognizer  function 
symbol  of  every  application  of  the  shell  principle  in  h.  The  bottom  function  symbols  of  a  history  h  is 
union  of  {TRUE,  FALSE,  ZERO}  and  the  set  consisting  exactly  of  the  bottom  function  symbol  of  every 
application  of  the  shell  principle  in  b  for  which  a  bottom  function  symbol  was  supplied. 

We  say  r  is  the  type  of  fn  iff  either  (i)  r  is  given  as  the  type  of  fn  in  the  table  below  or  (ii)  fn  is  a 
constructor  or  bottom  function  symbol  introduced  in  the  same  axiomatic  act  in  which  r  was  the  recognizer 
function  symbol. 

fn  type  of  fn 

ADDl  NUMBERP 

ZERO  NUMBERP 

CONS  LISTP 

PACK  LITATOM 

MINUS  NEGATIVEP 

A  type  restriction  over  a  set  of  function  symbols  s  is  a  pair  <flg,s’>  where  fig  is  either  the  word  ONE- 
OF  or  NONE-OF  and  s’  is  a  finite  sequence  every  element  of  which  is  an  element  of  s. 

A  function  symbol  fn  satisfies  a  type  restriction  <flg,s’>  iff  either  fig  is  ONE-OF  and  fn  is  an  element 
of  s'  or  fig  is  NONE-OF  and  fig  is  not  an  element  of  s'. 

We  say  t  is  the  type  restriction  term  for  a  type  restriction  <flg,(r,  ...  rn)>  and  the  variable  symbol  v  iff 
fig  is  ONE-OF  and  t  is  (OR  (r,  v)  ...  (rn  v))QF  or  fig  is  NONE-OF  and  t  is  (NOT  (OR  (r,  v) ...  (rn 
v))OF). 

Examples:  Let  tr,  be  the  pair  <ONE-OF, (LISTP  LITATOM)>.  Then  tr,  is  a  type  restriction  over  the 
set  (NUMBERP  LISTP  LITATOM}.  The  function  symbol  LISTP  satisfies  tr,  but  the  function  symbol 
NUMBERP  does  not.  The  type  restriction  term  for  tr,  and  XI  is  (OR  (LISTP  Xl)  (OR  (LITATOM  Xl) 
F)).  Let  tr2  be  the  pair  < NONE-OF, (NUMBERP )>.  Then  tr2  is  a  type  restriction  over  the  set 
{NUMBERP  LISTP  LITATOM}.  The  function  symbol  LISTP  satisfies  tr2  but  the  function  symbol 
NUMBERP  does  not.  The  type  restriction  term  for  tr2  and  X2  is  (NOT  (OR  (NUMBERP  X2)  F)). 

We  say  tr  is  the  ith  type  restriction  for  a  constructor  function  symbol  fn  iff  1  <_  i  n  and  either  tr  is  as 
given  by  the  table  below  or  tr  is  the  ith  type  restriction  specified  in  the  axiomatic  act  in  which  fn  was 
introduced. 


fn 

1st  type  restriction 

2nd  type  restriction 
(If  applicable) 

ADDl 

<ONE .  OF ,  (NUMBERP)  > 

CONS 

<NONE.OF,  ()> 

<NONE.OF,  0> 

PACK 

<none:.of,  o> 
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MINUS  <ONE.OF.  (NUMBERP)> 

Below  we  give  the  ghell  axioms  for: 

constructor  const  of  n  arguments 
with  {optionally.  Sottas  function  btm) 
recognizer  r. 

accessors  act . ac,, 

type  restrictions  tr, .  . . . .  trv  and 
default  functions  dVj . dvt , 

in  hietory  h,  where  const  is  a  function  symbol  of  n  arguments,  btm  (if  supplied)  is  a  function  symbol  of  no 
arguments,  r  and  the  ac;  are  function  symbols  of  1  argument,  the  tr;  are  type  restrictions  over  the 
recognizers  of  h  together  with  the  symbol  r,  and  the  dvj  are  function  symbols  of  no  arguments.  In  the 
formulas  below,  T  should  be  used  for  all  occurrences  of  (r  (btm))  and  F  used  for  all  terms  of  the  form 
(EQUAL  x  (btm))),  if  no  btm  is  supplied. 

(1)  (OR  (EQUAL  (r  X)  T) 

(EQUAL  (r  X)  F)), 

(r  (const  XI  .  .  Xn)) , 

(r  (btm)), 

(NOT  (EQUAL  (const  XI  . . .  Xn)  (btm))),  and 

(IMPLIES  (AND  (r  X) 

(NOT  (EQUAL  X  (btm)))) 

(EQUAL  (const  (act  X)  ...  (ac,  X)) 

X)); 

(2)  for  each  1  from  1  to  n,  the  following  formula: 

(IMPLIES  trtt 

(EQUAL  (aic1  (const  XI  . . .  Xn)) 

Xi)) 

where  trt1  Is  the  type  restriction  term  for 
trt  and  XI; 

(3)  for  each  l  from  1  to  n,  the  following  formula: 

(IMPLIES  (OR  (NOT  (r  X)) 

(OR  (EQUAL  X  (btm)) 

(AND  (NOT  trtp 

(EQUAL  X  (const  XI  . . .  Xn))))) 

(EQUAL  (acx  X)  (dvt))) 

where  trtj  is  the  type  restriction  term  for 
trt  and  XI; 

(4)  the  formulas: 

(NOT  (r  T))  and 

(NOT  (r  F)); 

(6)  for  each  recognizer,  r*.  in  the  recognizer  functions 
of  h  the  formula: 
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(DPLIES  (r  X)  (NOT  (r*  X))); 

(6)  thu  formula: 

(IMPLIES  (r  X) 

(EQUAL  (COUNT  X} 

(IF  (EQUAL  X  (bta)) 

(ZERO) 

(ADD1  (PLUS  (aCj  X) 

(ac,  X))®(ZER0))))) 

We  say  t  is  an  explicit  value  term  in  a  history  h  iff  t  is  a  term  and  either  (i)  t  is  a  call  of  a  bottom 
function  symbol  in  h,  or  (ii)  t  is  a  call  of  a  constructor  function  symbol  fn  in  h  on  arguments  a,,  ....  an  and 
for  each  i  from  1  to  n,  a-(  is  an  explicit  value  term  in  h  and  the  type  of  the  top  function  symbol  of  aj 
satisfies  the  i*  type  restriction  for  the  constructor  function  fn.  We  frequently  omit  reference  to  the 
history  h  when  it  is  obvious  by  context. 

Examples:  The  following  are  explicit  value  terms: 

(ADD1  CADD1  (ZERO))) 

(CONS  (PACK  (ZERO))  (CONS  (TRUE)  (ADD1  (ZERO)))) 

The  term  (ADD1  X)  is  not  an  explicit  value.  The  term  (ADD1  (TRUE))  is  not  an  explicit  value,  because 
the  top  function  symbol  of  (TRUE)  does  not  satisfy  the  type  restriction,  <ONE-OF,  (NUMBERP)>,  for 
the  first  argument  of  ADD1. 

We  next  develop  the  notion  that  certain  explicit  value  terms  are  the  "quotations*  of  other  terms.  We 
begin  by  setting  up  the  correspondence  between  the  LfTATOMs  of  the  logic  and  the  symbols  of  our 
syntax. 

We  say  a  term  e  is  the  NUMBERP  corresponding  to  the  natural  number  n  iff  either  (i)  n  is  0  and  e  is 
(ZERO)  or  (ii)  n  is  nonzero  and  e  is  (ADD1  e’)  where  e’  is  the  NUMBERP  corresponding  to  n-1. 

Example:  The  NUMBERP  corresponding  to  2  is  (ADD1  (ADD1  (ZERO))). 

When  we  write  a  nonnegative  integer,  n,  where  a  term  is  expected,  the  integer  is  an  abbreviation  of  the 
NUMBERP  corresponding  to  n. 

Example:  The  term  (PLUS  2  X)  is  an  abbreviation  for  (PLUS  (ADD1  (ADDl  (ZERO)))  X). 

We  say  a  term  e  is  the  explosion  of  a  sequence  of  ASCII  characters,  s,  iff  either  (i)  s  is  empty  and  e  is 
(ZERO)  or  (ii)  s  is  a  character  c  followed  by  some  sequence  s'  and  e  is  (CONS  i  e’)  where  i  is  the 
NUMBERP  corresponding  to  the  ASCII  code  for  c  and  e'  is  the  explosion  of  s’. 

Example:  The  ASCII  codes  for  the  characters  A,  B,  and  C  are  65,  66,  and  67  respectively.  Then  the 
explosion  of  ABC  is: 

(CONS  66  (CONS  66  (CONS  67  0))) . 

We  say  the  term  e  is  the  LITATOM  corresponding  to  a  symbol  s  iff  e  is  the  term  (PACK  e’)  where  e’  is 
the  explosion  of  s. 


When  we  write  a  symbol  s  enclosed  in  quotation  marks,  e.g.,  "PLUS",  where  a  term  is  expected,  it 
abbreviates  the  LITATOM  corresponding  to  s. 
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Example:  When  we  write  'ABC'  where  a  term  is  expected  we  mean  the  LITATOM  corresponding  to 
ABC,  i.e.,  the  term 

(PAOC  (CONS  66  (CONS  66  (CONS  67  0)}))  . 

The  use  of  the  quotation  mark  convention  is  confined  to  the  formal  explication  of  the  theory.  In  the 
implemented  syntax  we  have  a  much  more  elaborate  convention  that  permits  the  abbreviation  of 
arbitrary  explicit  values. 

We  now  define  the  notion  of  'quotation.*  We  use  LIT ATOMS  to  represent  the  variable  and  function 
symbols  and  LISTPs  to  stich  the  pieces  together.  However,  we  desire  also  to  permit  explicit  values  to  be 
quoted  in  a  special  way.  This  makes  the  notion  of  'quotation*  depend  upon  the  notion  of  'explicit 
value,*  which,  recall,  involves  a  particular  history  h  from  which  the  constructor  and  bottom  functions  are 
drawn.  This  is  the  only  sense  in  which  the  notion  of  'quotation*  depends  upon  a  history. 

We  say  e  is  a  quotation  of  t  (in  some  history  h  which  is  implicit  throughout  this  definition)  iff  e  and  t 
are  terms  and  either  (i)  t  is  a  variable  symbol  and  e  is  the  LITATOM  corresponding  to  t,  (ii)  t  is  an 
explicit  value  term  and  e  is  (CONS  'QUOTE'  (CONS  t  'NIL')),  or  (iii)  t  has  the  form  (fn  a,  ...  an)  and  e 
is  (CONS  efn  elst)  where  efn  is  the  LITATOM  corresponding  to  fn  and  elst  is  a  'quotation  list*  (see 
below)  of  aj  ...  an. 

We  say  elst  is  a  quotation  list  of  tlst  (in  some  history  h  which  is  implicit  throughout  this  definition)  iff 
elst  is  a  term  and  tlst  is  a  sequence  of  terms,  and  either  (i)  tlst  is  empty  and  elst  is  'NIL*  or  (ii)  tlst 
consists  of  a  term  t  followed  by  a  sequence  tlst’  and  elst  is  (CONS  e  elst')  where  e  is  a  quotation  of  t  and 
elst’  is  a  quotation  list  of  tlst'. 

Examples:  Below  we  give  some  terms  and  examples  of  their  quotations. 


tern 

quotation 

ABC 

•ABC' 

(ZERO) 

(CONS  'ZERO*  'NIL') 

(ZERO) 

(CONS  'QUOTE* 

(CONS  (ZERO)  'NIL')) 

CADD1  X) 

(CONS  'ADD1' 

(CONS  'X*  'NIL')) 

The  meta  axioms  for  f,  where  f  is  a  function  symbol  of  arity  n,  are  given  below.  In  the  formulas  we  use 
*f*  as  a  metavariable  denoting  the  LITATOM  corresponding  to  f  and  nn  as  a  metavariable  denoting  the 
NUMBERP  corresponding  to  n. 

(EQUAL  (APPLY  *f  L) 

(f  (CAR  (CDR0  L))  ...  (CAR  (CDR""1  L)))) 

(EQUAL  (ARITY  'f')  nn) 

A  term  t  is  tame  (in  some  history  h  which  is  implicit  throughout  this  definition)  iff  either  (i)  t  is  a 
variable,  or  (ii)  t  is  a  call  of  a  function  symbol  fn  on  arguments  at,  ...,  aQ,  each  aj  is  tame,  and  one  of  the 
following  obtains: 

•  fn  is  INTERPRET  and  a,  is  a  quotation  of  a  term  t,,  t(  is  old  in  h,  and  t,  is  tame;  or 

•  fn  is  INTERPRET-LIST  and  a,  is  a  quotation  list  of  a  sequence  of  terms  t,  t,  ...,  t,  k,  each  t} ; 

is  old  in  h,  and  each  t.  •  is  tame;  or 
■  »* 


•  fan  INTERP,  a,  is  an  explicit  value  and  either  (i)  a,  is  not  'LIST*  and  is  a  quotation  of  a 
term  t2,  t2  is  old  in  h  and  t2  is  tame,  or  (ii)  a,  is  'LIST*  and  a,  is  a  quotation  list  of  a 
sequence  of  terms  t2  ,, ....  t2  k,  each  t2 ;  is  old  in  h  and  each  t2i  is  tame;  or 

•  fa  is  FOR,  a,  is  a  quotation  of  a  term  ts,  ts  is  old  in  h,  and  ta  is  tame,  and  a5  is  a  quotation  of 
a  term  tfi,  t5  is  old  in  h  and  t&  is  tame;  or 

•  fa  is  not  INTERPRET,  INTERPRET-LIST,  INTERP,  FOR,  or  APPLY. 

Note  that  any  term  not  calling  INTERP,  INTERPRET,  INTERPRET-LIST,  APPLY  or  FOR  is  tame. 
Furthermore,  if  the  only  function  symbol  called  among  those  just  listed  is  FOR,  then  the  term  is  tame 
provided  only  that  the  third  and  fifth  arguments  of  the  FOR  are  quotations  of  old,  tame  terms. 

Examples:  The  following  terms  are  tame: 

X 

(ADD1  X) 

(INTERPRET  (CONS  *ADD1*  (CONS  'X'  'NIL')) 

A3 

(INTERP  'LIST' 

(CONS  COINS  'AUDI'  (CONS  'X'  'NIL')) 

(CONS  'Y' 

■NIL')) 

A) 

The  last  two  examples  may  be  displayed  in  the  implemented  syntax  (as  opposed  to  the  simple  syntax)  as 
follows: 

(INTERPRET  '  (ADD1  X)  A) 

(INTERP  ‘LIST  ‘(CADD1  X)  Y)  A) 

The  following  term,  displayed  in  the  implemented  syntax,  is  tame 
(INTERPRET  *  (INTERPRET  '  (ADD1  X)  A)  B)  , 

even  though  the  interpreted  form  involves  INTERPRET.  The  term  (INTERPRET  (CONS  FN  ARGS)  A) 
is  not  tame  because  (CONS  FN  ARGS)  is  not  the  quotation  of  a  term. 

A  term  t  contains  a  hidden  call  of  a  function  symbol  fa  (in  some  history  h  which  is  implicit  throughout 
this  definition)  iff  t  is  a  call  of  a  function  symbol  fn  on  arguments  at,  ....  aD  and  either  one  of  the  a; 
contains  a  hidden  call  of  fn  or  one  of  the  following  obtains: 

•  fn  is  INTERPRET  and  a,  is  a  quotation  of  a  term  t,  and  tt  either  calls  fn  or  contains  a 
hidden  call  of  fn; 

•  fn  is  INTERPRET-LIST  and  a,  is  a  quotation  list  of  a  sequence  of  terms  tj  . . t,  k  and  some 

tt  j  either  calls  fn  or  contains  a  hidden  call  of  fn; 

•  fa  is  INTERP,  a,  is  an  explicit  value  and  either  (i)  a,  is  not  'LIST*  and  is  a  quotation  of  a 
term  t2  and  t2  either  calls  fn  or  contains  a  hidden  call  of  fa,  or  (ii)  a,  is  'LIST*  and  a,,  is  a 
quotation  list  of  a  sequence  of  terms  t2  ,,  ....  t2  k  and  some  t2  j  either  calls  fn  or  contains  a 
hidden  call  of  fn; 

•  fn  is  FOR  and  either  (i)  a3  is  a  quotation  of  a  term  ts  and  ts  either  calls  fn  or  contains  a 
hidden  call  of  fn  or  (ii)  a&  is  a  quotation  of  a  term  t6  and  tfi  either  calls  fn  or  contains  a  hidden 
call  of  fn; 
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Examjries:  Suppose  FN  is  a  function  symbol  of  1  argument.  Then  the  term  (ADD1  (FN  X))  calls  FN 
but  contains  no  hidden  calls  of  FN.  The  term  (ADD1  (INTERPRET  (CONS  "FN*  (CONS  -X*  ■NIL')) 

A))  does  not  call  FN  but  does  contain  a  hidden  call  of  FN. 

We  say  that  a  term  t  governs  an  occurrence  of  a  term  s  in  a  term  b  iff  either  b  contains  a  subterm  of 
the  form  (IF  t  p  q)  and  the  occurrence  of  s  is  in  p,  or  if  b  contains  a  subterm  of  the  form  (IF  t’  p  q),  where 
t  is  (NOT  t')  and  the  occurrence  of  s  is  in  q. 

Examples:  The  terms  P  and  (NOT  Q)  govern  the  first  occurrence  of  S  in: 

(IF  P 

(IF  (IF  QAS) 

S 

B) 

C) 

The  terms  P  and  (IF  Q  A  S)  govern  the  second  occurrence  of  S. 


2.  The  Formal  Theory 

We  now  present  the  axioms  and  rules  of  inference  of  our  logic. 

The  axioms  presented  in  the  format: 

Defining  Axiom. 

(f  x,  . . .  xj  =  body 

have  the  special  property  that  it  can  be  shown  (in  a  suitable  theory  of  sets)  that  one  and  only  one  function 
f  satisfies  the  equation. 

In  general  we  use  the  principle  of  definition 

Definition. 

(f  Xj  . . .  *,)  =  body 

to  add  such  axioms.  However,  the  admissibility  requirements  on  the  principle  of  definition  require  that 
certain  theorems  be  provable  —  theorems  that  in  fact  guarantee  that  one  and  only  one  function  satisfies 
the  equation.  However,  until  enough  of  the  logic  has  been  built  up,  the  required  theorems  cannot  be 
proved. 

Thus,  the  presentation  of  the  logic  is  structured  as  follows.  First  we  list  a  collection  of  axioms  defining 
many  of  the  most  primitive  function  symbols.  Then  we  present  the  induction  principle  and  the  extension 
principles,  including  the  definitional  principle.  Then  we  invoke  the  definitional  principle  to  add  the 
definitions  of  many  useful  functions. 

2.1.  TRUE,  FALSE,  IF  and  EQUAL 

Axiom 
T  /  F 

Axiom. 

X  =  Y  ->  (EQUAL  X  Y)  =  T 


Axiom. 

X  *  Y  ->  (EQUAL  X  Y)  =  F 
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Axloa. 

X  =  F  ->  (IF  X  Y  Z)  =  Z 
Axica. 

X  t  F  ->  (IF  X  Y  Z)  =  Y. 


Defining  Axloa. 

CTKUEP  X)  =  (EQUAL  X  T) 


Defining  Axica. 

(FALSEP  X)  =  (EQUAL  X  F) 


Defining  Axica. 

(NOT  P) 

(IF  P  F  T) 

Defining  Axica. 

(AND  P  Q) 

(IF  P  (IF  Q  T  F)  F) 

Defining  Axloa. 

(OR  P  © 

(IF  P  T  (IF  Q  T  F)) 

Defining  Axiom. 
(IMPLIES  P  Q) 

(IF  P  (IF  Q  T  F)  T)  . 


2.2.  Natural  Numbers 

We  assume  the  shell  axioms  for 


constructor  ADD1  of  one  argument 
with  bottom  object  ZERO, 
recognizer  NUNBERP. 
accessor  SUB1. 

type  restriction  <ONE-OF, (NUMBER?) > , 
default  function  ZERO. 


We  now  add  three  additional  axioms  about  COUNT. 

Axiom. 

(NUMBER?  (COUNT  X)) 

Axica. 

(EQUAL  (COUNT  T)  0) 

Axica. 

(EQUAL  (COUNT  F)  0) 


We  now  introduce  the  axiom  defining  PLUS,  which  was  used  in  the  shell  axioms. 
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Defining  Axles . 

(ZEROP  X) 

(OR  (EQUAL  X  0)  (NOT  (NUMBER?  X))) 

Defining  Axles. 

(FIX  X)  =  (IF  (NUMBBtP  X)  X  0) 

Defining  Axles. 

(PLUS  X  Y) 

(IF  (ZEROP  X) 

(FIX  Y) 

(ADD1  (PLUS  (SUB1  X)  Y))) 


2.3.  Ordered  Pair* 

We  assume  the  shell  axioms  for 


constructor  0(96  of  two  arguments 
with  recognizer  LISTP, 
accessors  CAR  and  CDR, 
default  functions  ZERO  and  ZERO. 


3.4.  Literal  Atoms 
We  assume  the  shell  axioms  for: 


constructor  PACK  of  one  argument 
recognizer  LITATDM. 
accessor  UNPACK, 
default  function  ZERO. 


2.5.  Negative  Integers 

We  assume  the  shell  axioms  for 

constructor  MINUS  of  one  argument 
with  recognizer  NEGATIVEP. 
accessor  NEGATIVE. GUTS, 
type  restriction  <0NE-0F, (NUMBERP) > , 
default  function  ZERO. 


2.0.  Ordinals 

We  now  use  NUMBERPs  and  LISTPs  to  represent  the  ordinals  up  to  epsilon0.  The  table  below 
illustrates  our  representation.  The  notation  used  is  that  of  the  impleme;  led  syntax,  not  the  formal 
syntax. 

ordinal  representation 

0  0 

1  1 

2  2 

3  3 

•(i  .  o) 


w 
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I 


v+1 

•(1  • 

1) 

v+2 

•(1  . 

2) 

2w 

*(11 

.  0) 

2w+l 

•(1  1 

.  1) 

v2’ 

•(2  . 

0) 

y*+v+3 

•(2  1 

.  3) 

w»’ 

’(3  . 

0) 

w* 

•((1 

.  0) 

We  assume  the  following  axiom  defining  LESSP,  the  less  than  relation  on  the  natural  numbers. 

Defining  Axloo. 

(LESSP  X  Y) 

(IF  (ZERJCP  Y) 

F 

(IF  (ZE3UJP  X) 

T 

(LESSP  (SUB1  X)  (SUB1  Y)))) 


The  less  than  relation  on  the  ordinals  is  then  defined  as  follows: 

Deflnlng  Axioti . 

(ORD- LESSP  X  Y) 

(IF  (NLISTP  X) 

(IF  (NLISTP  Y) 

(LESSP  X  Y) 

T) 

(IF  (NLISTP  Y) 

F 

(IF  (ORD- LESSP  (CAR  X)  (CAR  Y)) 

T 

(AND  (EQUAL  (CAR  X)  (CAR  Y)) 

(ORD- LESSP  (CDR  X)  (CDR  Y)))))) 


The  function  for  recognizing  ordinals  is  defined  as  follows: 
Defining  Axloo. 

(ORDINALP  X)  =  (OR  (EQUAL  X  0)  (ORDP  X)) 

where 


Defining  Axloo. 

(ORDP  XJ 

(IF  (NLISTP  X) 

(IF  (NUMBEXP  X)  (NOT  (EQUAL  X  0))  F) 

(AND  (ORDP  (CAR  X}) 

(ORDP  (CDR  X}) 

(IF  (LISTP  (CM  X)) 

(NOT  (ORD- LESSP  (CAR  X)  (CAM  X))) 
T))) 


Our  principles  of  induction  and  definition  are  based  on  the  assumption  that  ORD-LESSP  is  well-founded 


ob  the  ORDINALPs.  That  is,  there  is  bo  infinite  sequence  o0,  o,,  oJt  ...  with  the  property  that  for  each 
natural  number  i,  (ORDINALP  Oj)  and  (ORD-LESSP  oi+,  Oj). 

The  well-founded  lexicographic  relation  on  n-tuples  of  natural  numbers  induced  by  LESSP  can  be 
obtained  by  an  appropriate  use  of  ORD-LESSP.  For  example,  suppose  if  i,,  j,,  ig,  and  js  are  all 
NUMBERPs.  Then  the  pair  <itJ|>  is  lexicographically  smaller  than  precisely  when 

(ORD-LESSP  (CONS  (CONS  lt  0}  jt) 

(CONS  (CONS  1,  0)  J,)). 

1.7.  Basle  Mata  Axioms 

In  general,  every  history  will  include  the  meta  axioms  for  every  function  symbol  used  in  the  axioms  of 
the  history  with  the  exceptions  of  APPLY  and  UNDEF.  The  axiomatic  acts  (with  which  the  user 
constructs  histories)  are  defined  to  add  the  appropriate  meta  axioms  for  each  new  function  symbol. 
However,  in  constructing  the  basic  axioms  we  have  not  yet  begun  to  use  the  axiomatic  acts  and  thus  have 
to  assume  the  meta  axioms  explicitly  for  each  function  symbol  introduced  so  far. 

We  assume  the  meta  axioms  for  the  function  symbols  TRUE,  FALSE,  IF,  EQUAL,  TRUEP,  FALSEP, 
NOT,  AND,  OR,  IMPLIES,  COUNT,  ADD1,  ZERO,  NUMBERP,  SUBl,  ZEROP,  FIX,  PLUS,  CONS, 
LISTP,  CAR,  CDR,  PACK,  LITATOM,  UNPACK,  MINUS,  NEGATIVE?,  NEGATIVE-GUTS,  LESSP, 
ORD-LESSP,  ORDP,  ORDINALP  and  ARITY. 

We  assume  the  following  axioms: 

(EQUAL  (ARITY  "APPLY*)  2) 

(EQUAL  (ARITY  "UNDEF")  1) 

1.8.  Induction 

The  rules  of  inference  of  our  logic  consist  of  the  usual  rules  of  inference  of  propositional  calculus  with 
equality,  including  the  rule  that  any  instance  of  a  theorem  is  a  theorem,  together  with  the  following 
principle  of  mathematical  induction: 

Suppoee: 

(a)  p  is  a  tern; 

(b)  ■  Is  a  function  symbol  of  n  arguments; 

(c)  Xj . xB  are  distinct  variables; 

(d)  qt . q*  are  terms; 

(e)  hj,  ....  hk  are  positive  Integers, 

(f)  it  Is  a  theorem  that  (ORDINALP  (d  x,  ...  x#)); 
and 

(g)  for  1<1<X  and  l<)<h1,  s1  j 

Is  a  substitution  and  lt  Is  a  theorem  that: 

(IMPLIES  qt  (ORD-LESSP  (ax,  ...  x,)/st  . 

(m  x,  ...  xB))).’ 

Then  p  Is  a  theorem  if 

(IMPLIES  (AND  (NOT  qt)  ...  (NOT  q^lT 

P> 


IS 


is  ft  theorem  sad 
for  each  l<l<lc, 

(IMPLIES  CAM)  q*  p/st  t  ...  p/st  )«fT 
P> 

iS  ft  theorem. 


1.0.  The  Shell  Principle 
The  axiomatic  act: 

Shell  Definition 

add  the*shell  const  of  n  arguments 
with  (optionally.  bottoa  function  bta) 
recognizer  r, 

accessors  sc, . aca, 

type  restrictions  trt . tra,  and 

default  functions  drt . dva, 

h  admissible  under  the  history  h  provided: 

(a)  const  is  a  new  function  symbol  of  n  arguments, 

(bta  is  a  new  function  symbol  of  no  arguments, 
if  a  bottom  object  is  supplied),  r.  acj.  .... 

aca  are  new  function  symbols  of  one  argument, 
and  all  the  above  function  symbols  are  distinct; 

(b)  each  trt  is  a  type  restriction  over  the  recognizers 
of  h  together  with  the  symbol  r; 

(c)  for  each  1,  dv1  is  either  bta  or  one  of  the 
bottoa  functions  of  h;  and 

(d)  for  each  1,  if  dvt  is  bta  then  r  satisfies  tr1 
and  otherwise  the  type  of  dvt  satisfies  trt. 

If  admissible  we  add  the  shell  axioms  for 

constructor  const  of  n  arguments 
with  (optionally,  bottom  function  bta) 
recognizer  r. 

accessors  act . acB, 

type  restrictions  trt . tra,  and 

default  functions  dvt,  ....  dva, 

along  with  the  meta  axioms  for  const,  r,  ac,,  ...,  acD,  and  (if  btm  was  supplied)  btm. 
If  the  tfj  are  not  specified,  they  should  each  be  assumed  to  be  <NONE-OF,()>. 
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1.10.  The  Principle  of  Definition 
The  axiomatic  act: 

Def lnltlon .  (t  x,  ...  -  body 

is  admissible  under  the  history  h  provided: 

(a)  f  is  a  function  symbol  of  n  arguments  and  is  new  in  b; 

(b)  Xj,  . ...  x,  are  distinct  variables; 

(c)  body  is  a  term  and  mentions  no  symbol  as  a 

variable  other  than  x, . x,; 

(d)  body  is  a  tame  term  in  history  h; 

(e)  body  contains  no  hidden  calls  of  f  in  history  b;  and 

(f)  there  is  a  function  symbol  m  of  n  arguments,  such 
that  (i)  (ORDINALP  (m  x1  ...  x,)) 

can  be  proved  directly  in  h.  and  (11)  for  each 
occurrence  of  a  subterm  of  the  form  (f  y,  ...  y#) 

in  body  and  the  terms  t,.  ....  t*  governing  it. 
the  following  formula  can  be  proved  directly  in  h: 

(IMPLIES  (AM)  tt  ...  t^ST 

(ORD-LESSP  (m  yt  ...  yft) 

(mx,  ...  Xj,))) . 

If  admissible,  we  add  the  meta  axioms  for  f  and  the  axiom: 

(f  Xj  . . .  x,)  =  body. 


S.ll.  The  Principle  of  Reflection 

The  axiomatic  act: 

Reflect,  (f  Xj  . . .  xn)  =  body 

is  admissible  under  the  history  h  provided: 

(a)  f  is  a  function  symbol  of  n  arguments  and  is  new  in  b; 

(b)  x, . x,  are  distinct  variables; 

(c)  body  is  a  term  and  mentions  no  symbol  as  a 
variable  other  than  Xj.  . ...  x,; 

(d)  body  is  a  tame  term  In  history  h; 

(e)  body  contains  no  hidden  calls  of  f  in  history  h; 

(f)  there  is  a  function  symbol  m  of  n  arguments, 

a  function  symbol  f  of  n  arguments,  and  a  term 
body'  obtained  by  replacing  every  occurrence  of  f 


as  a  function  synbol  In  body  by  f.  sncb  that 

(1)  (GRDINALP  On  Xj  . . .  x,))  can  be 

proved  directly  In  h,  (11)  the  fornula 

(BJUAL  (f  x,  ...  i,)  body*) 

can  be  proved  directly  in  h  and  (111)  for  each 

occurrence  of  a  subtera  of  the  fora  (f  *  yt  ...  yB) 

In  body*  and  the  teras  t\.  ....  t‘k  governing  It. 
the  following  foranla  can  be  proved  directly  In  h: 

(IMPLIES  (AN)  t't  ...  fk)iT 

(ORD-LESSP  (a  yt  . . .  ym) 

(a  ^  ...  x,)))  ■ 

if  admissible,  we  add  the  meta  axioms  for  f  and  the  axiom: 

(f  Xj  ...  x,)  =  body. 

Ml.  The  Principle  of  Declaration 

The  axiomatic  act: 

Declare,  (f  Xj  ...  x,) . 
is  admissible  in  history  b  provided  that: 

(a)  f  Is  a  function  symbol  of  n  arguments  and  is  new  In  h;  and 

(b)  Xj.  . ...  x,  are  distinct  variable  symbols. 

The  axioms  added  by  an  admissible  declaration  are  the  meta  axioms  for  f. 

S.13.  Useful  Function  Definitions 

We  now  introduce  a  variety  of  useful  functions.  These  functions  are  part  of  the  basic  theory  either 
because  (i)  they  are  used  in  our  implementation  of  the  interpreter  (e  g.,  LOOKUP),  (ii)  we  have  found  it 
necessary,  from  a  practical  point  of  view,  to  build  knowledge  of  them  into  the  theorem-prover  (e.g., 
DIFFERENCE  is  used  in  the  linear  arithmetic  decision  procedure),  or  (iii)  the  von  Neumann  machine  on 
which  the  theorem-prover  runs  provides  means  of  computing  the  functions  that  are  significantly  faster 
than  merely  compiling  the  recursive  definitions  (e.g.,  QUOTIENT).  Our  interest  in  computational 
efficiency  stems  from  our  desire  that  the  logic  be  a  useful  functional  programming  language  and  not  from 
theorem-proving  considerations.  Each  of  the  following  functions  is  introduced  with  the  principle  of 
definition  and  hence  for  each  we  also  assume  the  corresponding  meta  axioms. 

We  first  define  some  useful  functions  on  the  natural  numbers. 

Definition. 

(GREATER?  X  Y)  =  (LESSP  Y  X) 

Definition . 

(LEQ  X  Y)  =  (NOT  (LESSP  Y  X)) 

Definition . 

(GEQ  X  Y)  =  (NOT  (LESSP  X  Y)) 

Definition . 

(MAX  X  Y)  =  (IF  (LESSP  X  Y)  Y  (FIX  X)) 
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Definition. 

(DIFFERENCE  I  J) 

(IF  (ZEROP  I) 

0 

(IF  (ZEROP  J) 

I 

(DIFFERENCE  (SUB1  I)  (SUB1  J)))) 

Definition. 

(TDES  I  J) 

(IF  (ZEROP  I) 

0 

(PLUS  J  (TIMES  (SUB1  I)  J))) 

Definition. 

(QUOTIENT  I  J) 

(IF  (ZEROP  J) 

0 

(IF  (LESSP  I  J) 

0 

(ADD1  (QUOTIENT  (DIFFERENCE  I  J)  J)))) 

Definition . 

(REMAINDER  I  J) 

(IF  (ZEROP  J) 

(FIX  I) 

(IF  (LESSP  I  J) 

(FIX  I) 

(REMAINDER  (DIFFERENCE  I  J)  J))) 

Next  we  define  some  useful  list  processing  functions. 
Definition . 

(NLISTP  X)  =  (NOT  (LISTP  X)) 

Definition. 

(LENGTH  LST) 

(IF  (LISTP  LST) 

(ADD1  (LENGTH  (CDR  LST))) 

0) 

Definition . 

(MEMBER  X  LST) 

(IF  (NLISTP  LST) 

F 

(IF  (EQUAL  X  (CAR  LST)) 

T 

(MEMBER  X  (CDR  LST)))) 

Definition. 

(UNION  X  Y) 

(IF  (LISTP  X) 

(IF  (MEMBER  (CAR  X)  Y) 

(UNION  (CDR  X)  Y) 

(CONS  (CAR  X)  (UNION  (CDR  X)  Y))) 
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Definition. 

(SUBSET?  X  Y) 

(IF  (NLISTP  X) 

T 

(IF  OCMBBl  (CAR  X}  Y) 

(SUBSET?  (CDB30  Y) 

F)) 

Definition . 

(ADD-TO-SET  X  SET) 

(IF  (MEMBER  X  SET) 

SET 

(CONS  X  SET)) 

Definition . 

(APPEND  X  Y) 

(IF  (LIST?  X) 

(CONS  (CAR  X)  (APPEND  (CDR  X)  Y)) 

Y) 

Definition. 

(LAST  L) 

(IF  (LISTP  L) 

(IF  (LISTP  (CDR  L)) 

(LAST  (CDR  L)) 

L) 

L) 

Definition. 

(LOCKUP  X  ALIST) 

(IF  (NLISTP  ALIST) 

0 

(IF  (AND  (LISTP  (CAR  ALIST)) 

(EQUAL  X  (CAR  (CAR  ALIST)))) 
(CDR  (CAR  ALIST)) 

(LOCKUP  X  (d«  ALIST)))) 


2.14.  The  Interpreter 

Definition . 

(TAME-FORMP  X) 

(IF  (NLISTP  X) 

T 

(IF  (EQUAL  (CAR  X)  'INTERP') 

(AND  (LISTP  (CAR  (CDR2  X))) 

(EQUAL  (CAR  (CAR  (CDR2  X)))  'QUOTE1)) 

(IF  (EQUAL  (CAR  X)  'INTERPRET') 

(AND  (LIST?  (CAR  (CDR  X))) 

(EQUAL  (CAR  (CAR  (CDR  X)))  'QUOTE')) 

(IF  (EQUAL  (CAR  X)  *  INTERPRET-LIST' ) 

(AND  (LIST?  (CAR  (CDR  X))) 

(EQUAL  (CAR  (CAR  (CDR  X)))  'QUOTE')) 

(IF  (EQUAL  (CAR  X)  'FOR') 

(AND  (LIST?  (CAR  (CDR*  X))) 

(EQUAL  (CAR  (CAR  (CDR8  X)))  'QUOTE')) 

(NOT  (EQUAL  (CAR  X)  'APPLY'))))))) 

The  following  three  axioms  are  inadmissible  under  the  principle  of  definition  because  the  bodies  are  not 
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tame.  However,  if  UNDEF  is  defined  as  an  arbitrary  function  of  one  argument  and  APPLY  is  defined  to 
satisfy  all  of  the  meta  axioms  in  a  history  (which  is  always  possible),  it  can  be  shown  that  there  exists  one 
and  only  one  function  satisfying  each  of  the  following  equations. 

Defining  Axle*. 

(INTER?  FLG  FORM  ALIST) 

(IF  (EQUAL  FLG  ■LIST*) 

(IF  (ttJSTP  FORM) 

•NIL* 

(CONS  (INTER?  T  (CAR  FORM)  ALIST) 

(INTER?  FLG  (CDR  FORK)  ALIST))) 

(IF  (LITATOH  FORM) 

(LOOKUP  FORM  ALIST) 

(IF  (NLISTP  FORM) 

FORM 

(IF  (EQUAL  (CAR  FORM)  ■QUOTE*) 

(CAR  (CDR  FORM)) 

(IF  (TAME-FORMP  FORM) 

(APPLY  (CAR  FORM) 

(INTER?  'LIST*  (CDR  FORM)  ALIST)) 

(UNDEF  (CONS  FORM  (CONS  ALIST  ■NIL*)))))))) 

Defining  Axiom. 

(INTERPRET  FORM  ALIST)  =  (INTER?  T  FORM  ALIST) 

Defining  Axiom. 

(INTERPRET-LIST  LST  ALIST)  =  (INTER?  "LIST*  LST  ALIST) 


We  assume  the  meta  axioms  for  INTERP,  INTERPRET,  and  INTERPRET-LIST. 


2. IS.  Quantification 

We  now  define  our  general  purpose  quantifier  function  FOR. 
Definition . 

(QUANTIFIER-INITIAL-VALUE  FN) 

(IF  (EQUAL  FN  'ADD-TO-SET')  ‘NIL’ 

(IF  (EQUAL  FN  'ALWAYS')  T 

(IF  (EQUAL  FN  'APPEND')  'NIL' 

(IF  (EQUAL  FN  'COLLECT')  'NIL' 

(IF  (EQUAL  FN  'COUNT')  0 

(IF  (EQUAL  FN  'DO- RETURN')  'NIL' 

(IF  (EQUAL  FN  'EXISTS')  F 

(IF  (EQUAL  FN  'MAX')  0 

(IF  (EQUAL  FN  'MULTIPLY')  1 

(IF  (EQUAL  FN  'SUM')  0 

(IF  (EQUAL  FN  'UNION')  'NIL' 

0))))))))))) 
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Definition. 

(QUANTIFIER-OPERATION  FN  ARC  REST) 


(IF  (EQUAL  FN  *ADD-TO-SET*) 
(IF  (EQUAL  FN  •APPEND*) 

(IF  (EQUAL  FN  •COLLECT*) 

(IF  (EQUAL  FN  •COUNT*) 

(IF  (EQUAL  FN  •DO-RETURN*) 
(IF  (EQUAL  FN  'EXISTS*) 

(IF  (EQUAL  FN  ’MAX*) 

(IF  (EQUAL  FN  ’MULTIPLY*) 
(IF  (EQUAL  FN  *SJM*) 

(IF  (EQUAL  FN  'UNION*) 


(ADD-TO-SET  ARC  REST) 
(APPEND  ARC  REST) 

(CONS  ARC  REST) 

(IF  AEG  CADD1  REST)  REST) 
ARC 

(OR  ARC  REST) 

(MAX  ARC  REST) 

(TIMES  ARC  REST) 

(PLUS  ARG  REST) 

(UNION  ARC  REST) 

0))))))))))) 


The  following  axiom  is  inadmissible  under  the  principle  of  definition  because  the  body  is  not  tame. 
However,  under  the  same  conditions  on  UNDEF  and  APPLY  discussed  above,  it  can  be  shown  that  one 
and  only  one  function  satisfies  the  axiom. 


Defining  Axiom. 

(FOR  V  L  CDND  OP  BODY  A) 


(IF  (NLISTP  L) 

(QUANTIFIER- INITIAL-VALUE  OP) 

(IF  (INTERPRET  COND  (CONS  (CONS  V  (CAR  L))  A» 
(QUANTIFIER-OPERATION  OP 

(INTERPRET  BODY  (CONS  (CONS  V  (CAR  L))  A)) 
(FOR  V  (CDR  U  COND  OP  BODY  A)) 

(FOR  V  (CDR  L)  COND  OP  BODY  A))) 


We  assume  the  meta  axioms  for  FOR. 


3.  The  Implemented  Syntax 

The  syntax  used  in  the  theorem-prover  is  somewhat  more  elaborate  than  the  formal  syntax.  Every 
formula  in  the  implemented  syntax  abbreviates  a  formula  in  the  formal  syntax,  according  to  conventions 
described  in  this  Section.  However,  not  every  formula  in  the  formal  syntax  can  be  so  abbreviated.  For 
example,  in  the  formal  syntax  T  is  a  variable  symbol,  while  in  the  implemented  syntax  T  abbreviates  the 
term  (TRUE)  and  there  is  no  way  to  write  a  reference  to  the  variable  symbol  T. 

The  implemented  syntax  is  complicated  by  three  factors.  First,  we  use  the  LISP  reader  to  parse  user 
typein  into  terms  and  thus  must  describe  the  lexical  analysis  performed  by  that  system.  This  includes 
handling  of  the  read  macro  character  ’.  Second,  we  adopt  the  LISP  'quote*  notation  for  certain  explicit 
values,  including  'dot*  notation  for  LISTP  constants.  Third,  we  provide  a  variety  of  abbreviation 
conventions  which  are  context  sensitive  in  the  sense  that  they  are  not  applied  to  'quoted*  constants.  For 
example,  while  1  is  usually  thought  of  as  an  abbreviation  of  (ADD1  (ZERO))  not  all  occurrences  of  1  can 
be  so  replaced.  In  particular,  (QUOTE  1)  and  (QUOTE  (ADDl  (ZERO)))  denote  two  different  constants 
(the  first  is  a  NUMBERP  and  the  second  is  a  LISTP). 

In  order  to  define  our  syntax  precisely  we  exhibit  the  lexical  analyser,  parser,  and  term  recognizer  as 
functions  defined  in  the  formal  logic  itself.  We  ultimately  define  the  function  ISYNTAX  which  takes  as 
input  a  list  of  numeric  character  codes  and  delivers  either  F  or  the  quotation  of  a  formal  term.  Suppose 
stream  is  the  CONS  nest  around  'NIL*  of  the  ASCII  character  codes  of  the  characters  in  the  sequence 
s.  If  (ISYNTAX  stream)  is  F,  then  s  is  an  ill-formed  expression  in  the  implemented  syntax.  Otherwise 
(ISYNTAX  stream)  is  the  quotation  of  a  formal  term  t  and  s  is  a  well-formed  expression  in  the 
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implemented  syntax  and  denotes  the  term  t. 


3.1.  Examples  of  the  Implemented  Syntax 

In  this  section  we  illustrate  the  implemented  syntax  by  exhibiting  some  theorems  about  ISYNTAX.  To 
make  the  examples  more  succinct,  we  first  introduce  some  notational  conventions. 

We  use  the  notation  |s|,  where  s  is  sequence  of  ASCII  characters  other  than  the  vertical  bar  character,  to 
denote  the  CONS  nest  around  "NIL*  of  the  sequence  of  ASCII  character  codes  for  the  successive 
characters  in  s. 

Some  of  the  relevant  ASCII  codes  are: 

char  coda  char  code 


1 - 

f  <spac«> 

1 

32  I 

0 

48 

I 

1 

39  | 

1 

49 

1 

1  C 

40  I 

... 

... 

1 

1  ) 

41  I 

9 

67 

1 

|  + 

43  I 

A 

66 

1 

j 

46  I 

B 

66 

1 

46  I 

... 

... 

1 

1 

1 

1 

1 

Z 

90 

1 

1 

For  example,  |(A.  l’|  is  an  abbreviation  for 
(CONS  40  (CDNS  66  (CONS  46  COINS  32  COINS  49  (CONS  39  'NIL*)))))) 

We  say  e  is  the  primitive  quotation  of  t  iff  e  and  t  are  terms  and  either  (i)  t  is  a  variable  symbol  and  e  is 
the  LITATOM  corresponding  to  t  or  (ii)  t  has  the  form  (fn  a,  ...  aQ)  and  e  is  (CONS  efn  elst)  where  efn  is 
the  LITATOM  corresponding  to  fn  and  elst  is  the  CONS  nest  around  'NIL*  of  the  primitive  quotations  of 
each  of  the  a-.  We  will  sometimes  write  [t[  to  mean  the  primitive  quotation  of  t. 

Thus,  |A|,  the  primitive  quotation  of  the  variable  symbol  A,  is  'A'  or,  equivalently,  (PACK  (CONS  65 
0)).  ((CAR  A)]  is  (CONS  'CAR'  (CONS  'A'  'NIL')). 

The  primitive  quotation  of  explicit  value  terms  are  cumbersomely  large.  For  example,  (0|  is  (CONS 
•ZERO'  'NIL')  and  |l]  is  (CONS  'ADDl*  (CONS  (CONS  'ZERO'  'NIL')  'NIL')).  ['A']  is  shown 
below: 

CCONS  'PACK' 

COONS  COONS  'CONS'  CCONS  [66]  CCONS  [0]  'NIL'))) 

•NIL')) 

We  now  illustrate  the  implemented  syntax.  Informally  speaking,  the  expression  (CONS  T  NIL)  in  the 
implemented  syntax  abbreviates  the  formal  term  (CONS  (TRUE)  'NIL').  This  statement  can  be  made 
precise  as  follows: 

Thaorra. 

CE2JUAL  (ISYNTAX  I  (CONS  T  NIL)  I)  [(CONS  (TRUE)  'NIL')]). 

In  general,  if  iterm  is  a  string  of  ASCII  characters  and  term  is  a  formal  term,  and  (EQUAL  (ISYNTAX 
|iterm|)  (term])  is  a  theorem,  then  we  say  iterm  is  an  implementation  term  that  abbreviates  term. 


Each  of  the  iterate  below  abbreviates  (CONS  (TRUE)  'NIL'): 
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(  CONS  T  NIL  ) 

(CONS  T 

NIL) 

(CONS 

T  NIL 

) 

(CONS  T  ;this  Is  a  ccanent 
;ud  so  is  this. 

NIL  ;and  bar*  is  another 

) 


Here  are  some  other  example  of  iterms  and  the  terms  they  abbreviate. 


item 

tern 

(CONS  2  -1) 

(CONS  (ADD1  (ADD1  (ZERO))) 

(MINUS  CADD1  (ZERO)))) 

(LIST  ABC) 

(CONS  A  (CONS  B  (CONS  C  'NIL'))) 

(CADDR  X) 

(CAR  (CDR  (CDR  X))). 

(TIMES  IJK) 

(TIMES  I  (TIMES  J  K)). 

(QUOTE  (A  1  O) 

(CONS  'A* 

(CONS  (AD01  (ZERO)) 

(CONS  'C*  'NIL'))) 

(QUOTE  (A  1  .  0)) 

(CONS  'A' 

(CONS  (ADD1  (ZERO)) 
(ZERO))) 

(QUOTE  a  *1*TRUE)) 

(CONS  'T' 

(CONS  T  'NIL')) 

(QUOTE  (ADD1  X» 

(CONS  'ADD1'  (CONS  'X'  'NIL')) 

The  last  example  illustrates  one  of  the  convenient  aspects  of  the  implementation  syntax.  If  t  is  a  formal 
term  then  (QUOTE  t)  is  an  implementation  term  that  abbreviates  a  quotation  of  t. 

The  'single  gritch*  character,  can  be  used  to  embed  the  following  well-formed  expression  in  a 
QUOTE.  Thus: 

item  tern 

*A  'A* 

' (ADD1  X)  (CONS  *ADD1'  (CONS  'X'  'NIL')) 

*(A  *B))  (CONS  'A' 

(CONS  (CONS  'QUOTE' 

(CONS  'B'  'NIL')) 

•NIL')) 


Our  implementation  of  the  QUOTE  convention  has  special  provisions  for  the  inclusion  of  literal  atoms 
that  do  not  correspond  to  symbols  (e.g.,  (PACK  (CONS  64  0)))  and  the  inclusion  of  user  introduced  shell 
constants.  Such  constants  are  written  down  using  the  special  token  *l*QUOTE. 
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For  example,  the  following  implementation  term 

(QUOTE  (C  B  A  <*1*QU0IE  PACK  (64  .  0)))) 

abbreviates  the  same  formal  term  as 

(CONS  (PACK  (CONS  67  0)) 

(CONS  (PACK  (CONS  66  0)) 

(CONS  (PACK  (CONS  66  0)) 

(CONS  (PACK  (CONS  64  0)) 
NIL)))). 


In  order  to  farther  illustrate  use  of  *l*QUOTE,  let  us  extend  the  initial  history  with  the  axiomatic  act: 


Shell  Definition. 

Add  the  shell  PUSH  of  2  arguments 
with  bottom  function  EMPTY- STACK, 
recognizer  STACKP, 
accessors  HP  and  POP, 

type  restrictions  <0NE-0F,  (1*MBERP)>  and  <0NE-0F,  (STACKP) > 
and  default  functions  ZERO  and  EMPTY-STACX . 


Then  the  implemented  term: 

(LIST  'A  (EMPTY-STACJO 

’B  (PUSH  2  (EMPTY-STACK))) 

represents  the  same  formal  term  as  represented  by  the  implemented  term: 

•  (A  (*l*QUCriE  EMPTY-STACK) 

B  (*1*QU0TE  PUSH  2  (+1  ♦QUOTE  EMPTY-STACK))) 

However,  use  of  *1 ‘QUOTE  is  restricted  so  that  it  cannot  be  used  to  represent  explicit  values  that  could 
be  written  down  inside  QUOTE  without  use  of  *l*QUOTE.  Thus,  ’((*1 ‘QUOTE  ZERO))  is  ill-formed. 

In  addition,  *l*QUOTE  cannot  be  used  to  write  down  terms  that  are  not  explicit  values,  e.g., 
'((‘1‘QUOTE  PUSH  2  3))  is  ill-formed  because  NUMBERP,  the  type  of  3,  does  not  satisfy  the  type 
restriction  on  the  second  argument  of  PUSH. 

Finally,  our  implemented  syntax  contains  an  elaborate  mechanism  for  the  abbreviation  of  FOR 
expressions. 

In  the  implementation  syntax  one  can  either  write  a  6  argument  application  of  FOR  —  in  which  case 
each  of  the  6  arguments  is  simply  translated  —  or  one  can  write  a  5  or  7  argument  application.  In  the 
latter  cases,  certain  of  the  ‘arguments*  are  'noise*  words  and  others  are  treated  as  implementation  terms 
which  are  translated  and  then  embedded  in  QUOTEs.  In  addition,  when  a  5  or  7  argument  FOR  is  used 
the  translation  routine  automatically  computes  the  association  list  used  to  assign  values  to  the  *free* 
variables  occuring  in  the  expression.  For  example  the  implementation  term 

(FOR  X  IN  L  WHEN  (LESSP  X  100)  SUM  (TIMES  A  B  X)) 
abbreviates  same  term  as: 

(FOR  ’X  L  ’(LESSP  X  (QUOTE  100))  ’SUM  ’(TIMES  A  (TOES  B  X)) 

(LIST  (CONS  ’A  A) 

(CONS  'B  B))) 
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S.S.  Some  Preliminary  Conventions 

In  the  next  three  subsections  we  define  formally  the  lexical  analyser,  parser,  and  translator.  Because  of 
the  need  to  determine  whether  a  given  term  is  an  explicit  value,  we  must  provide  functions  that  answer 
such  questions  as  *is  this  the  name  of  a  shell  constructor  function?*  and  *what  are  the  type  restrictions 
on  this  shell?* 


We  use  three  such  functions. 

1.  SHELL-BTM-TYPE:  If  X  is  the  quotation  of  the  bottom  function  symbol  of  the  shell  class 
with  recognizer  function  symbol  r,  (SHELL-BTM-TYPE  X)  is  equal  to  the  quotation  of  r; 
otherwise  (SHELL-BTM-TYPE  X)  is  equal  to  F. 

2.  SHELL-CONS-TYPE:  If  X  is  the  quotation  of  the  constructor  function  symbol  of  the  shell 
class  with  recognizer  function  symbol  r,  (SHELL-CONS-TYPE  X)  is  equal  to  the  quotation  of 
r;  otherwise  (SHELL-BTM-TYPE  X)  is  equal  to  F. 

3.  SHELL-CONS-TYPES:  If  X  is  not  the  quotation  of  the  constructor  function  symbol  of  some 
shell  class,  (SHELL-CONS-TYPES  X)  is  F.  Otherwise,  X  is  the  quotation  of  some  constructor 
function  with  type  restrictions  <flg,,s1>, ....  <flgn,*n>.  Let  trj  be  the  CONS  nest  around 
*NILa  of  the  LITATOMs  corresponding  to  flg;  and  each  of  the  symbols  in  S;.  Then  (SHELL- 
CONS-TYPES  X)  is  equal  to  the  CONS  list  around  *NIL*  of  trJ(  ...,  trn. 

Each  of  these  functions  could  be  defined  for  a  given  history.  For  example,  in  the  empty  history: 
(SHELL-BIM-TYFE  X) 

(IF  (EQUAL  X  ■TRUE’)  *TRUEP* 

(IF  (EQUAL  X  -FALSE*)  *FALSEP* 

(IF  (EQUAL  X  -ZERO*)  * NUMBER?* 

F))) 

(SHELL-CONS-TYPE  X) 

(IF  (EQUAL  X  -ADD1*)  *NUMBERP* 

(IF  (EQUAL  X  "CONS*)  *LISTP* 

(IF  (EQUAL  X  -PACK*)  'LITATQM* 

(IF  (EQUAL  X  -MINUS*)  ■  NEGATIVE?" 

F)))) 

(SHELL-CONS-TYPES  X) 

(IF  (OR  (EQUAL  X  *ADD1*) 

(EQUAL  X  'MINUS*)) 

(CONS  (CONS  *ONE-OF"  (CONS  ' NUMBER? *  *NIL*)) 

■NIL*) 

(IF  (EQUAL  X  -CONS*) 

(CONS  (CONS  "NONE- OF*  "NIL") 

(CONS  (CONS  *N0NE-0F*  *NIL*) 

•NIL*)) 

(IF  (EQUAL  X  -PACK*) 

(CONS  (CONS  'NONE-OF*  "NIL*) 

•NIL*) 


F))). 
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S.3.  The  Formal  Definition  of  LEXEMES 

In  this  subsection  we  define  a  function  that  takes  as  its  argument  a  list  of  numbers  and  returns  a  list  of 
'lexemes.*  Each  lexeme  is  either  a  positive  or  negative  integer  or  is  a  literal  atom  obtained  by  PACKing 
the  sequence  of  character  codes  denoting  the  lexeme. 


We  start  by  naming  and  grouping  certain  ASCII  character  codes. 


Definitions . 
(ASCII-OPEN-PAREX)  =  40 
(ASCII-CLOSE-PAREN)  =  41 
(ASCII-SINGLE-OUTCH)  =  39 
(ASCII-SPACED  =  32 
(ASCI I -NEWLINE)  =  141 
(ASCI  I -CARR LACE-RETURN)  =  13 
(ASCI  I -LINEFEED)  =  10 
(ASCII-PLUS-SI<W)  =  43 
(ASCI I -MINUS-SIGN)  =  45 
(ASCII-DOT)  a  46 
(ASCI  I -SEX! -COLON)  =  69 


code  for  ( 
code  for  ) 
code  for  * 
code  for  <space> 

Lisp  Machine  code  for  <nevllne> 

code  for  <cr> 

code  for  <lf> 

code  for  + 

code  for  - 

code  for  . 

code  for  ; 


Definition. 

(PARENP  N)  =  (OR  (EQUAL  N  (ASCII-OPEN-PAREN)) 
(EQUAL  N  (ASCII-CLOSE-PARDO  ) ) 


Definition . 

(VHITEP  N)  =  (OR  (EQUAL  N  (ASCI  I -SPACED) 

(OR  (EQUAL  N  (ASCII-NEWLINE)) 

(OR  (EQUAL  N  (ASCII-CARRIAGE-RETURN)) 
(EQUAL  N  (ASCII-LINEFEED))))) 


Definition. 

(ALPHABETIC?  N)  =  (AND  (LESSP  64  N)  (LESSP  N  91)) 

Definition. 

(DIGITP  N)  =  (AND  (LESSP  47  N)  (LESSP  N  58)) 

Definition . 

(SIGNP  N)  =  (OR  (EQUAL  N  (ASCII-PLUS-SIOO) 

(EQUAL  N  (ASCII-MINUS-SIGN))) 

The  lexical  analyzer  uses  white  space,  parentheses,  certain  occurrences  of  the  single  quote  mark,  and 
semicolon  to  break  the  input  stream  into  lexemes.  The  analyzer  accumulates  into  a  list  the  character 
codes  of  each  lexeme,  in  reverse  order.  Those  lists  having  the  syntax  of  an  optionally  signed  nonempty 
sequence  of  digits  optionally  followed  by  a  decimal  point  are  parsed  into  positive  or  negative  integers. 
The  function  NUMERALP  recognizes  such  lists,  using  NX' ME R ALP  1  to  recognize  optionally  signed 
nonempty  sequences  of  digits. 

Definition . 

(NUMERALP!  A) 

(IF  (NLISTP  A) 

F 

(AND  (DIGITP  (CAR  A)) 

(OR  (NLISTP  (CDR  A)) 

(OR  (AND  (SIGNP  (CAR  (CDR  A))) 

(NLISTP  (CDR  (CDR  A)))) 

(NUMERALP1  (CDR  A)))))) 


Definition . 

(KJMERALP  A)  =  (AND  (LISTP  A) 

(IF  (EQUAL  (CAR  A)  (ASCII-DOT)) 
(NUMHtALPl  (CDR  A)) 
(NUMERALP!  A))) 


(GEN-INTEGER  A  1  0)  returns  the  positive  or  negative  integer  denoted  by  A,  provided  A  is  a 
NUMERALP. 

Definition . 

(GEN- INTEGER  A  SHIFT  N) 

(IF  (NLISTP  A) 

N 

(IF  (EQUAL  (CAR  A)  (ASCII-DOT)) 

(GEN- INTEGER  (CDR  A)  SHIFT  N) 

(IF  (EQUAL  (CAR  A)  (ASCII-PLUS-SIGN)) 

N 

(IF  (EQUAL  (CAR  A)  (ASCII-MINUS-SIGN)) 

(MINUS  N) 

(GEN-INTEGER  (CDR  A) 

(TIMES  10  SHIFT) 

(PLUS  N 
(TIMES  SHIFT 

(DIFFERENCE  (CAR  A)  48)))))))) 

Those  lexemes  not  parsed  as  numbers  are  treated  as  literal  atoms  obtained  by  PACKing  up  the  list  of 
characters  typed  (using  0  as  the  final  CDR).  Since  the  characters  are  accumulated  in  reverse  order,  they 
must  be  reversed  before  being  PACKed. 

Definition . 

(REVPNAME  A  PNAME) 

(IF  (NLISTP  A) 

PNAME 

(REVPNAME  (CDR  A)  (CONS  (CAR  A)  PNAME))) 

GEN-LEXEME  generates  each  lexeme,  given  the  list  of  character  codes  accumulated. 

Definition. 

(GEN-LEXEME  A)  =  (IF  (NUMERALP  A) 

(GEN-INTEGER  A  1  0) 

(PACX  (REVPNAME  A  0») 

Certain  lexemes  cannot  be  written  down  using  our  quotation  mark  convention  because  they  are  not  the 
quotations  of  variable  or  function  symbols.  We  therefore  define  functions  to  permit  ns  to  refer  to  these 
lexemes  more  conveniently. 


Definitions. 

(OPEN-PAREN)  =  (PACX  (CONS  (ASCI I -OPEN- P AREN)  0)) 
(CLOSE-PAREN)  =  (PACK  (CONS  (ASCII-CLOSE-PAREN)  0)) 
(SINXE-GRITCH)  =  (PACK  (CONS  (ASCII-SINXE-GRITCH)  0)) 
(DOT)  =  (PACK  (CONS  (ASCII-DOT)  0)) 


EMIT  is  used  to  add  a  new  lexeme  to  the  emerging  stream  of  lexemes.  The  first  argument  is  the 
accumulated  list  of  character  codes  and  the  second  is  the  rest  of  the  lexemes.  If  the  first  argument  is  0  it 
means  no  character  codes  were  accumulated  since  the  last  lexeme  was  emitted. 

Definition . 

(EMIT  PNAME  1ST)  =  (IF  (EQUAL  PNAME  0) 

1ST 

(CONS  (GEN-LEXEME  PNAME)  1ST)) 

IGNORE-COMMENT  scans  the  input  stream  until  it  has  passed  a  newline  or  carriage  return/linefeed. 


Definition . 

(IGNQRE-COfffNT  STREAM) 

(IF  (NLISTP  STREAM) 

STREAM 

(IF  (EQUAL  (CAR  STREAM)  (ASCII-NEWLINE)) 

(CDR  STREAM) 

(IF  (AM)  (EQUAL  (CAR  STREAM) 

(ASCI I -CARRIAGE-RETURN) ) 

(AM)  (LIST?  (CDR  STREAK)) 

(EQUAL  (CAR  (CCA  STREAM)) 

(ASCII~LINEFEH>)))) 

(CDR  (CDR  STREAM)) 

(IGNCRE-COtCNT  (CCA  STREAM))))) 

LEXEMES  is  the  lexical  analyzer.  The  first  argument  is  the  list  of  input  character  codes.  The  second 
argument  is  the  list  of  character  codes  accumulated  for  the  current  lexeme  thus  far.  (LEXEMES 
STREAM  0)  is  the  list  of  lexemes. 

Definition. 

C.EXEWS  STREAM  PNAME) 

(IF  (MJSTP  STREAK) 

(EMIT  PNAME  *NILa) 

(IF  (EQUAL  (CAR  STREAM)  (ASCII-SEMI-COLON)) 

(EMIT  PNAJC 

(LEXEMES  (IGNDRE-OGMfENT  (CIA  STREAM)) 

0)) 

(IF  (AM)  (EQUAL  (CAR  STREAM)  (ASCI  I -S INXE-<XITCH) ) 

(EQUAL  PNAME  0)) 

(EMIT  (006  (CAR  STREAM)  0) 

(LEXEMES  (CDR  STREAM)  0)) 

(IF  (PAREMP  (CAR  STREAM)) 

(EMIT  PNAME 

(EMIT  (CONS  (CAR  STREAM)  0) 

(LEXEMES  (CDR  STREAM)  0))) 

(IF  (WHITEP  (CAR  STREAM)) 

(EMIT  PNAME  (LEXEMES  (CDR  STREAM)  0)) 

(LEXEMES  (CIA  STREAM) 

(CONS  (CAR  STREAM)  PNAME))))))) 

We  illustrate  LEXEMES  by  exhibiting  a  few  theorems  about  it. 


(LEXEMES  I  (ABC  DEF)  I  0)  =  (CONS  (OPEM-PAREN) 

(CONS  ■ABC* 

(CONS  *DEF’ 

(CONS  (CLOSE-PAREM)  "NIL*)))) 

(LEXEMES  |X(A-B)Z|  0)  =  (CONS  'X* 

(CONS  (OPEM-PAREN) 

(CONS  "A-B* 

(CONS  (CLOSE-PAREJO 
(CONS  'Z*  'NIL'))))) 

(LEXEMES  I 'A  “BC’Dl  0)  =  (CONS  (SINdE-GRITCH) 

(CONS  •A* 

(CONS  (SINGLE-GRITCH) 

(CONS  (SINCLE-CRITCH) 

(CONS  *B* 

(CONS 

(PACK  (CONS  67  (CONS  39  (CONS  68  0)))) 
•NIL*)))))) 
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(LEXEMES  |A;GGmE3fr 

bi  o)  =  (erne  *a*  (cons  *b*  *nil*)) 

(LEXEMES  |A.B  .  Cl  0)  =  (CONS  (PACK  (CONS  65  (CONS  46  (CONS  66  0)))) 

(CONS  (DOT) 

(CONS  *C*  'NIL'))) 


(LEXEMES  1-12  3.  4-5  6.7|  0) 


(CONS  -12. 

(CONS  3. 

(CONS  (PACK  (CONS  52  (CONS  45  (CONS  53  0))» 
(CONS  (PACK  (CONS  54  (CONS  46  (CONS  55  0)))) 
•NIL*)))) 


3.4.  The  Formal  Definition  of  PARSE  and  READ 

We  now  define  the  function  that  attempts  to  parse  a  list  of  lexemes  into  an  *  expression.*  We  say  x  is 
an  express!  >n  if  and  only  if  either  x  is  a  NUMBERP,  a  NEGATIVEP,  a  LITATOM  whose  UNPACK  is  a 
CONS  nest  arcviad  0  of  a  sequence  of  ASCII  codes,  or  a  LISTP  whose  CAR  and  CDR  are  both  recursively 
expressions. 

Our  parser  takes  two  arguments.  The  first  is  a  list  of  lexemes.  The  second  is  a  list  used  as  a  pushdown 
stack  on  which  lists  are  accumulated.  Each  element  of  the  stack  is  called  a  'frame*  and  is  itself  a  list  of 
three  items.  Whenever  the  parser  encounters  an  open  parenthesis  a  new  frame  is  pushed  on  the  stack  and 
parsing  continues  with  the  character  after  the  open  parenthesis.  One  of  the  items  in  the  frame  collects  the 
s-expressions  that  are  the  elements  of  the  list.  When  the  s-expression  is  completely  assembled  that  stack 
frame  is  popped  and  the  s-expression  is  added  to  the  end  of  the  list  being  assembled  in  the  newly  exposed 
frame.  When  a  single  gritch  is  read,  a  count  in  the  frame,  initially  0  for  each  element,  is  incremented  by 
1.  When  the  next  element  of  the  list  is  added  it  is  first  embedded  in  as  many  QUOTE  expressions  as 
single  gritches  preceded  it.  When  the  dot  lexeme  is  read,  a  flag  in  the  frame  is  set  and  the  next  time  an 
s-expression  is  added  to  the  list  being  assembled  it  is  put  into  the  final  CDR  instead  of  added  as  the  last 
element. 

Here  is  the  function  that  adds  a  new  frame  to  the  stack. 

Definition . 

(PUSH-FRAME  STACK) 

(CONS  (CONS  'NIL*  (CONS  0  (CONS  F  *NIL*))) 

STACK) 

The  following  three  functions  return  the  three  items  in  the  top-most  frame  of  the  stack. 

Definition . 

(LIST-BEING- ASSEMBLED  STACK)  =  (CAR  (CAR  STACK)) 


Definition . 

(qUOTE-CNr  STACK)  =  (CAR  (CDR  (CAR  STACK))) 


Definition . 

(D0T-FLG  STACK)  =  (CAR  (CDR  (CDR  (CAR  STACK)))) 

I  The  following  function  increments  the  count  of  single  gritches  read. 


I 
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Definition . 

(BWfMJUCTE-CNT  STACK) 

(CONS  (CONS  (LIST-BEING-ASSMLED  STACK) 

(CONS  (AUDI  (QUOTE-CNT  STACK)) 

(CONS  (DOT-FLG  STACK)  "NIL*))) 

(CDR  STACK)) 

The  next  two  functions  turn  on  and  off  the  flag  signalling  that  a  dot  has  been  read. 

Definition. 

(SET-DOT-FLG  STACK) 

(CONS  (CONS  (LIST-BEING-- ASSEMBLED  STACK) 

(CONS  (QUOTE-CNT  STAOO 
(CONS  T  •NIL*))) 

(cm  STAOO) 


Definition. 

(UNSET-DOT-FLG  STACK) 

(CONS  (CONS  (LIST-BEING'  ASSEMBLED  STACK) 

(CONS  (QUOTE-CNT  STACK) 

(CONS  F  •NIL"))) 

(CDR  STACK)) 

KWOTEN  is  the  function  used  to  embed  each  s-expression  in  QU0TE6. 

Definition. 

(KWOTEN  N  X) 

(IF  (ZEROP  N) 

X 

(CONS  'QUOTE* 

(CONS  OCWOTEN  (SUB1  N)  X)  *NIL*))) 

The  next  function  adds  its  first  argument  to  the  list  being  assembled  in  the  top  frame  of  the  stack, 
taking  account  of  the  number  of  gritches  that  preceded  it  and  whether  the  dot  flag  is  set.  Note  that  the 
function  resets  the  quote  count  to  0  in  anticipation  of  the  processing  of  the  next  element  of  the  list. 

Definition. 

(ADD-ELEMENT  X  STACK) 

(CONS  (CONS  (IF  (DOT-FLG  STACK) 

(APPEND  (LIST-BEING- ASSEMBLED  STACK) 

(KWOTEN  (QUOTE-CUT  STACK)  X)) 

(APPEND  (LIST-BEING- ASSEMBLED  STAOO 

(CONS  (KWOTEN  (QUOTE-CNT  STACK)  X) 

■NIL*))) 

(CONS  0 

(CONS  (DOT-FLG  STACK)  ’NIL*))) 

(cm  STACK)) 

Here,  finally,  is  the  parser.  The  top-level  call  of  the  parser  should  have  a  stack  with  one  empty  frame 
on  it.  The  deepest  stack  frame  is  treated  specially  by  PARSE:  as  soon  as  an  element  has  been  added  to 
it,  parsing  stops  and  the  element  is  returned. 


If  the  parser  encounters  ill-formed  syntax  —  e.g.,  unmatched  parentheses,  illegal  uses  of  the  dot  notation, 
or  unnecessary  terminal  lexemes  after  the  completion  of  the  parsing  -  it  returns  F. 


Definition . 

(PARSE  L  STACK) 

(IF  (NLISTP  L) 

F 

(IF  (EQUAL  (CAR  L)  (0PEN-PARE30) 

(PARSE  (CDR  L)  (PUSH-FRAME  STACK)) 

(IF  (EQUAL  (CAR  L)  (CLOSE-PAREN) ) 

(IF  (OR  (M.ISTP  STACK) 

(NLISTP  (CDR  STACK))) 

F 

(IF  (AND  (DCT-FLG  (CDR  STACK)) 

(OR  (NLISTP  (CDR  L)) 

(NOT  (EQUAL  (CAR  (CDR  L))  (CLOSE-PAREW) ) ) ) ) 

F 

(IF  OCJSTP  (CDR  (CDR  STACK))) 

(IF  (LISTP  (IF  (DOT-FLC  (CDR  STACK)) 

(CDR  (CDR  L)) 

(CDR  L))) 

F 

(CAR  (LIST-BEING- ASSEMBLED 
(ADD-ELEMENT 

(LI ST-BEING- ASSEMBLED  STACX) 

(CDR  STACK))))) 

(PARSE  (CDR  L) 

(ADD-ELEMENT  (LIST-BEING- ASSEMBLED  STACK) 

(CDR  STACK)))))) 

(IF  (EQUAL  (CAR  L)  (SINHE-GRITCH) ) 

(PARSE  (CDR  L)  (BUWMJUOTE-CNT  STACK)) 

(IF  (EQUAL  (CAR  L)  (DOT)) 

(IF  (OR  (NLISTP  STACK) 

(NLISTP  (LIST-BEING-ASSEMBLED  STACK))) 

F 

(IF  (DOT-FLC  STACK) 

F 

(IF  (NOT  (ZERQP  (QUOTE-CNT  STACK))) 

F 

(PARSE  (CDR  L)  (SET-DOT-FUG  STACK))))) 

(IF  (NLISTP  STACK) 

F 

(IF  (AND  (DOT-FUG  STACK) 

(OR  (NLISTP  (CDR  L)) 

(NOT  (EQUAL  (CAR  (CDR  L))  (CLOSE-PAREM) ) ) ) ) 

F 

(IF  (NLISTP  (CDR  STACK)) 

(IF  (LISTP  (CDR  L)) 

F 

(CAR  (LIST-BEING- ASSEMBLED  (ADD- ELEMENT  (CAR  L)  STACK)))) 
(PARSE  (CDR  L) 

(UNSET-DOT-FUG  (ADD-ELEMENT  (CAR  L)  STACK))))))))))) 

Tbe  reader  is  the  composition  of  the  parser  and  the  lexical  analyser. 

Definition . 

(READ  STREAM)  =  (PARSE  (LEXEMES  STREAM  0) 

(PUSH-FRAME  'NIL*)) 

We  now  illustrate  READ  by  exhibiting  some  theorems  sbout  it: 


(READ  I  (A  (BO  D)  I )  =  (CONS  *A* 

(CONS  (CONS  «B*  (CONS  'C*  "NIL*)) 
(CONS  'D*  •NIL"))) 
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(READ  I  (A  *B  Q  I)  =  (CONS  *A* 

(CONS  (CONS  •guerre*  (CONS  *B*  'NIL')) 
(CONS  *C*  ‘NIL*))) 

(READ  I  (A  B  .  Ol)  =  (CONS  'A*  (CONS  *B*  *C*)) 

(READ  I  (A  .  (B  .  (C  .  0)))l) 

=  (CONS  •A' 

(CONS  -B*  (CONS  *C*  •NIL*))) 

(READ  |*  ((A  .  1)  (B  .  2))|) 

=  (CONS  •guore* 

(CONS  (CONS  (CONS  "A1  1) 

(CONS  (CONS  ■B1  2)  'NIL*)) 

•NIL*)) 

(READ  I  (PLUS  I  (TOES  33  J)  (LOCKUP  X  ALIST))I) 

(CONS  -PLUS' 

(CONS  'I* 

(CONS  (CONS  -TIMES* 

(CONS  33  (CONS  *J*  *NIL*)» 

(CONS  (CONS  ‘LOOKUP* 

(CONS  (CONS  -SMOTE- 

(CONS  *X*  *NIL*)) 

(CONS  *ALIST*  'NIL'))) 

-NIL-))))) 


3.5.  The  Formal  Definition  of  TRANSLATE  and  ISYNTAX 

ISYNTAX  is  the  composition  of  a  function  called  TRANSLATE  and  the  function  READ  above.  Almost 
all  of  this  section  is  devoted  to  the  definition  of  TRANSLATE  and  its  subfunctions.  TRANSLATE  takes 
as  input  an  s-expression  and  produces  either  F  or  the  primitive  quotation  of  a  formal  term. 

Roughly  speaking,  TRANSLATE  transforms  LITATOMs  into  themselves,  provided  they  have  the  syntax 
of  our  variable  symbols,  and  transforms  s-expressions  of  the  form  (CONS  fn  (CONS  argj  ...  (CONS  argn 
•NIL*)))  into  (CONS  fn  (CONS  arg',  ...  (CONS  arg’D  *NIL-))),  where  arg’j  is  the  translation  of  argj, 
provided  fn  is  the  quotation  of  a  function  symbol  of  arity  n.  However,  there  are  many  special  cases  in 
which  more  elaborate  transformations  are  performed.  The  most  complicated  involve  the  extended 
QUOTE  notation  for  denoting  explicit  values  ;nd  the  handling  of  FOR  expressions. 

We  first  define  the  function  SYMBOLP  which  recognizes  when  a  LITATOM  has  the  syntax  of  the 
symbols  in  our  logic,  i.e.,  is  a  sequence  of  alphanumeric  characters  or  hyphens,  beginning  with  an 
alphabetic  character. 

Definition. 

(LEGAL-CHAR-CDDE-SEQ1  L) 

(IF  (NLISTP  L) 

T 

(AM)  (C»  (ALPHABETIC?  (CAR  L)) 

(OR  (DIGIT?  (CAR  L)) 

(E3JUAL  (CAR  L)  (ASCII-MINUS-SIGN)))) 

(LEGAL-CHAR-CODE-SECU  (CDR  L)))) 


Definition. 

(LECAL-CKAR-CODE-SEQ  L) 

(AND  (LISTP  L) 

(AND  (EQUAL  (CDR  (LAST  L))  0) 

(AM)  (ALPHABETIC?  (CAR  L)) 

(LEGAL-CHAR-C0DE-SEQ1  (CDR  L)))» 


Definition. 

(SYMBOLP  X)  =  (AND  (LITATOH  X) 

(LEGAL -CHAR-CODE-SEQ  (UNPACK  X})) 

TRANSLATE  processes  the  submitted  s-expression  top-down,  checking  that  each  subexpression  is  legal 
in  the  context  in  which  it  occurs.  As  it  processes  each  legal  subexpression  it  CONSes  together  the 
primitive  quotation  of  the  formal  term  represented.  However,  if  it  encounters  an  illegal  subexpression  it 
must  return  F  as  the  top-level  answer.  Thus,  instead  of  using  CONS  to  construct  the  quotation, 
TRANSLATE  uses  FCONS  below. 

Definition. 

(FCONS  X  Y)  =  (IF  (AND  X  Y)  (CONS  X  Y)  F) 

Perhaps  the  most  complicated  part  of  TRANSLATE  is  the  transformation  of  QUOTEd  expressions. 
TRANSLATE  transforms  an  input  of  the  form  (CONS  'QUOTE*  (CONS  evg  'NIL'))  into  the  quotation 
of  an  explicit  value,  provided  evg  ('explicit  value  guts')  has  certain  properties. 

For  example,  if  evg  is  an  integer,  the  QUOTE-expression  is  translated  into  the  primitive  quotation  of  a 
nest  of  ADDl’s  around  (ZERO),  possibly  with  a  top-level  MINUS. 

If  evg  is  a  LIT  ATOM  satisfying  the  restrictions  on  symbols,  the  QUOTE-expression  denotes  a  PACK 
expression.  For  example,  the  result  of  READing  |(QUOTE  ABC)|  is  TRANSLATEd  into  the  primitive 
quotation  of  the  PACK  expression  we  abbreviate  as  'ABC'  in  the  formal  syntax:  ((PACK  (CONS  65 
(CONS  66  (CONS  67  0))))|. 

However,  not  all  LIT  ATOM  ev.’.s  denote  PACK  expressions;  we  use  two  of  the  non-symbol  LIT  ATOMs 
to  stand  for  T  and  F.  The  two  LIT  ATOMs  are  those  produced  by  READing  |*1*TRUE|  and  |*1*FALSE| 
and  are  returned  by  the  functions  EVG-TRUE  and  EVG-FALSE  below. 

If  evg  is  a  LISTP,  e.g.,  the  result  of  READing  |(ABC  .  DEF)|,  it  represents  a  CONS,  e.g.,  (CONS  'ABC' 
*DEF*),  provided  both  the  CAR  and  the  CDR  are  evgs. 

If  evg  is  a  LISTP  whose  CAR  is  a  certain  mark  called  the  EVG-QUOTE-MARK,  it  represents  a 
nonprimitive  shell  object  or  'unusual*  primitive  ones,  such  as  non-symbol  LITATOMs.  The  mark  is  the 
non-symbol  LIT  ATOM  produced  by  READing  |*l*QUOTE|. 

The  complicated  nature  of  our  representation  of  explicit  values  stems  from  two  desires.  First,  for 
efficiency  in  the  theorem  prover,  we  have  arranged  for  there  to  be  only  one  way  to  represent  every  explicit 
value  as  a  QUOTEd  evg.  Second,  we  have  arranged  for  the  quotation  of  a  term  to  be  produced  by 
embedding  the  internal  representation  of  the  term  in  a  QUOTE  expression,  permitting  the  efficient  use  of 
'rneta*  functions.  These  issues  are  dealt  with  at  length  in  [meta]. 

We  now  begin  defining  the  functions  to  manipulate  evgs.  ADDl-NEST  returns  the  quotation  of  the 
formal  term  denoted  by  a  nonnegative  integer. 


Definition. 

(ADD  1 -NEST  N) 

(IF  (ZEROP  N) 

(CONS  ■ZERO*  "NIL") 

(CONS  "ADD1 ■ 

(CONS  (ADD 1 -NEST  (SUB1  N))  ‘NIL'))) 

Here  are  (he  non-symbol  LITATOMs  we  use  in  evgs. 

Definition. 

(EVC-TRUE3 

(PACK  (CONS  42 
(CONS  49 
(CONS  42 

(CONS  84  (CONS  82  (CONS  85  (CONS  69  0)))))))) 


Definition. 

(EVC-FALSE) 

(PACK  (CONS  42 
(CONS  49 
(CONS  42 

(CONS  70  (CONS  66  (CONS  76  (CONS  83  (CONS  69  0))))))))) 


Definition . 

(EVG- QUOTE-MARK) 

(PACK  (CONS  42 
(CONS  49 
(CONS  42 

(CONS  81  (CONS  86  (CONS  79  (CONS  84  (CONS  69  0))))))))) 

In  order  for  an  evg  to  represent  an  explicit  value  it  is  necessary  that  its  components  represent  explicit 
values  of  the  appropriate  type.  The  following  functions  are  used  to  check  type  agreement. 

Definition. 

(SHELL-TYPE  FN)  =  (IF  (SHELL-BTM-TYPE  FN) 

(SHELL-BIM-TYPE  FN) 

(IF  (SHELL -CONS-TYFE  FN) 

(SHELL -CONS-TYPE  FN) 

F)) 


Definition . 

(SHELL-TYPE-OKP  FN  RESTRICTION) 

(IF  (EQUAL  (CAR  RESTRICTION)  •ONE-OF') 

(MEMBER  (SHELL-TYPE  FN) 

(CDR  RESTRICTION)) 

(NOT  (MEMBER  (SHELL-TYPE  FN) 

(CDR  RESTRICTION)))) 

SHELL-TYPES-OKP  takes  as  its  first  argument  the  quotations  of  n  explicit  value  terms  and  as  its 
second  argument  a  list  of  n  type  restrictions.  The  function  checks  that  each  explicit  value  term  satisfies 
the  corresponding  type  restriction. 
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Definition . 

( SHELL-TYPES -CKP  TERMS  RESTRICTIONS) 

(IF  (NLISTP  TERMS) 

T 

(AND  (LISTP  (CAR  TERMS)) 

(AM)  (SHELL-TYPE-CKP  (CAR  (CAR  TERMS)) 

(CAR  RESTRICTIONS)) 

(SHELL-TYFES-OKP  (CDR  TERMS) 

(CDR  RESTRICTIONS))))) 

Here  is  the  function  that  transforms  X  into  the  primitive  quotation  of  an  explicit  value,  or  else  returns  F 
signifying  that  X  is  not  an  evg.  If  FLG  is  'LIST*  X  is  considered  as  a  list  of  evgs  instead  of  as  a  single 
evg. 


Definition . 

(EVG  FLG  X) 

(IF  (EQUAL  FLG  'LIST') 

(IF  (NLISTP  X) 

"NIL" 

(TOONS  (EVG  T  (CAR  X)) 

(.EVG  "LIST*  (CDR  X)))) 

(IF  (NLISTP  X) 

(IF  (NOMBERP  X)  (ADD1-NEST  X) 

(IF  (NEGATIVE?  X) 

(CONS  ’MINUS" 

(CONS  (ADD  1 -NEST  (NEGATIVE-GUTS  X)) 

•NIL*)) 

(IF  (EQUAL  X  (EVG-TRUE3)  (CONS  ■TRUE*  ’NIL*) 

(IF  (EQUAL  X  (EVG-FALSED)  (CONS  'FALSE*  *NIL*> 

(IF  (SYMBQLP  X) 

(CONS  'PACK* 

(CONS  (EVG  T  (UNPACK  X)) 

■NIL*)) 

F))))) 

(IF  (EQUAL  (CAR  X)  (EVG-QUOTE-MARK) ) 

(IF  (AND  (LISIP  (CM  X)) 

(AN)  (EQUAL  (CM  (LAST  X))  *NIL*) 

(AM)  (EQUAL  (LENGTH  (CM  (CM  X))) 

(ARITY  (CAR  (CM  X)))) 

(AND  (EVG  'LIST*  (CM  (CM  X))) 

(AND  (OR  (SHELL-STM-TYPE  (CAR  (CM  X))) 

(AND  (SHELL -CONS-TYPES  (CAR  (CM  X))) 

(SHELL-TYPES-GKP  (EVG  ’LIST*  (CM  (CM  X))) 

(SHELL-CONS-TYPES  (CAR  (CM  X)))))) 
(IF  (EQUAL  (CAR  (CM  X))  'PACK*) 

(NOT  (LEGAL-CHAR-CODE-SEQ  (CAR  (CM  (CM  X))))) 

(IF  (EQUAL  (CAR  (CM  X))  ’MINUS*) 

(EQUAL  (CAR  (CM  (CM  X)))  0) 

(NOT  (M  (EQUAL  (CAR  (CM  X))  *ADD1*) 

(M  (EQUAL  (CAR  (CM  X))  'ZERO*) 

(EQUAL  (CAR  (CM  X))  *C0NS*))))))))))) 

(CONS  (CAR  (CM  X)) 

(EVG  'LIST*  (CM  (CM  X)))) 

F) 

(TOONS  ’CONS* 

(FCONS  (EVG  T  (CAR  X)) 

(FCQN5  (EVG  T  (CM  X))  *NIL*)))))) 


This  completes  the  development  of  the  functions  for  processing  evgs. 


The  next  function  is  the  analogue  of  our  notion  of  the  *fn  nest  around  b  for  s.*  If  FN  is  the  LIT  ATOM 

corresponding  to  fn  and  L  is  a  list  of  the  primitive  quotations  of  the  terms  t, . tn,  then  (MAKE-TREE 

FN  L)  is  the  primitive  quotation  of  (fn  t,  ...  (fn  tn  l  tB)...).  If  n<2,  the  function  returns  F. 

Definition . 

(MAKE-TREE  FN  L) 

(IF  (NLISTP  L) 

F 

(IF  OUSIP  (CDR  L)) 

F 

(IF  QUSTP  (CDR  (CDR  L))) 

(FCCNS  FN 

CFCDNS  (CAR  L) 

CPCONS  (CAR  (CDR  L))  'NIL*))) 

(pans  FN 

(Fans  (CAR  L) 

(FOWB  (MAKE-TREE  FN  (CDR  L)> 

•NIL')))))) 

Our  implemented  notation  includes  the  LISP  convention  for  abbreviating  nests  of  CARs  and  CDRs  with 
such  function  symbols  as  CADR,  CADDR,  etc.  The  following  functions  are  used  to  implement  this 
feature. 

CAR-CDRP  recognizes  those  literal  atoms  which  are  written  down  with  C  as  the  first  character,  R  as 
the  last,  and  A's  and  D’s  in  between.  The  ASCII  codes  for  A,  C,  D,  and  R  are  65,  67,  68,  and  82. 

Definition. 

(CAR-CDRP 1  L) 

(IF  (NLISTP  L) 

F 

(IF  (NLISTP  (CDR  L)) 

(AND  (EQUAL  (CAR  L)  82) 

(EQUAL  (CDR  L)  0)) 

(AND  (OR  (EQUAL  (CAR  L)  65) 

(EQUAL  (CAR  L)  68)) 

(CAR-CDRP1  (CDR  L))))) 


Definition. 

(CAR-CDRP  X)  =  (AND  (LITATOM  X) 

(AND  (LISTP  (UNPACK  X)) 

(AND  (EQUAL  (CAR  (UNPACK  X))  67) 

(CAR-CDRP1  (CDR  (UNPACK  X)))))) 

This  function  constructs  the  quotation  of  the  term  denoted  by  a  term  beginning  with  a  CAR-CDRP 
symbol. 

Definition. 

(CAR-CDR-NEST  L  X) 

(IF  (OR  (NLISTP  L)  (NLISTP  (CDR  L))) 

X 

(IF  (EQUAL  (CAR  L)  65) 

(CONS  'CAR* 

(CONS  (CAR-CDR-NEST  (CDR  L)  X)  'NIL')) 

(CONS  •CDR* 

(CONS  (CAR-CDR-NEST  (CDR  L)  X)  ’NIL*)))) 

We  now  move  on  to  the  transformation  of  FOR  expressions.  We  first  define  convenient  ‘accessors*  for 
the  components  of  the  FOR  term.  Recall  that  we  permit  5,  6,  and  7  argument  versions  of  FOR. 


Definition. 

(ABBREVIATED-FOR-VAR  X)  =  (CAR  (CDR  X)) 


Definition . 

(ABBREVIATED- FOR-RANCE  X)  =  (CAR  (CDR  (CDR  (CDR  X}))) 


Definition . 

(ABBREVIATED-FOR-VHEN  X) 

(IF  (EQUAL  (LENGTH  X)  8) 

(CAR  (CDR  (CDR  (CDR  (CDR  (CDR  X}))))) 

•T") 


Definition . 

(ABBREVIATED-POR-OP  X) 

(IF  (EQUAL  (LENGTH  X)  8) 

(CAR  (CDR  (CDR  (CDR  (CDR  (CDR  (CDR  X))))))) 
(CAR  (CDR  (CDR  (CDR  (CDR  X)))))) 


Definition. 

(ABBREVIATED-FOR-BODY  X)  =  (CAR  (LAST  X)) 

The  next  function  recognizes  those  LITATOMs  that  name  the  operations  handled  by  FOR. 

Definition. 

(FQR-OPERATIOP  X> 

(OR  (EQUAL  X  ■ADD-TO-SET") 

(OR  (EQUAL  X  -ALWAYS*) 

(OR  (EQUAL  X  -APPEND*) 

(OR  (EQUAL  X  -COLLECT*) 

(OR  (EQUAL  X  -COUNT-) 

(OR  (EQUAL  X  "DO-RETURN*) 

(OR  (EQUAL  X  -EXISTS-) 

(OR  (EQUAL  X  -MAX*) 

(cm  (EQUAL  X  -MULTIPLY-) 

(OR  (EQUAL  X  -SUM*) 

(EQUAL  X  -UNION*))))))))))) 

We  now  define  the  function  that  recognizes  those  FORs  requiring  fancy  translation. 

Definition . 

(ABBREVIATED-FORP  X) 

(AND  (LISTP  X) 

(AND  (EQUAL  (CAR  X)  -FOR-) 

(AND  (OR  (EQUAL  (LENGTH  X)  8) 

(EQUAL  (LENGTH  X)  6)) 

(AND  (SYMBOL?  (ABBREVIATED- FOR-VAR  X)) 

(AND  (NOT  (EQUAL  (ABBREVIATED- FOR-VAR  X)  -NIL*)) 

(AM)  (NOT  (EQUAL  (ABBREVIATED- FOR-VAR  X)  -T-» 

(AND  (NOT  (EQUAL  (ABBREVIATED- FOR-VAR  X)  *F*)) 

(AND  (EQUAL  (CAR  (CDR  (dm  X)))  -IN*) 

(AND  (OR  (EQUAL  (LENGTH  X)  6) 

(EQUAL  (CAR  (CDR  (dm  (dm  (CDR  X)))))  -WHEN-)) 

(FOR-OPERATIONP  (ABBREVIATED-FOR-OP  X))))))))))) 

One  of  the  things  we  do  with  abbreviated  FORs  is  to  compute  the  association  list  that  binds  the  -free 
variables  in  the  conditional  expression  and  body.  We  keep  those  alists  in  alphabetic  order. 
ALPHABETIC-LESSP  compares  two  LITATOMs  and  determines  whether  its  first  argument  is 
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alphabetically  smaller  than  its  second. 

Definition . 

CALPHAEETIC-LESSP1  LI  L2) 

(IF  (NLISTP  LI) 

T 

(IF  (NLISTP  L2) 

F 

(IF  (LESSP  (CAR  LI)  (CAR  L2)) 

T 

(IF  (EQUAL  (CAR  LI)  (CAR  L2)) 

(ALPHABETIC-LESSP1  (CDR  LI)  (CDR  L2)) 
F)))) 


Definition . 

(ALPHABETIC-LESSP  X  Y)  =  (ALPHABETIC-LESSP1  (UNPACK  X) 

(UNPACK  Y)) 

Below  we  define  an  insertion  sort  function  that  sorts  lists  of  LIT ATOMs  alphabetically. 
Definition. 

(ALPHABETIC-INSERT  X  L) 

(IF  (NLISTP  L) 

(CONS  X  'NIL') 

(IF  (ALPHABETIC-LESSP  X  (CAR  L)) 

(CONS  X  L) 

(CONS  (CAR  L) 

(ALPHABETIC-INSERT  X  (CDR  L))))) 


Definition. 

(ALPHABETIZE  L) 

(IF  (NLISTP  D 
L 

(ALPHABETIC- INSERT  (CAR  L) 

(ALPHABETIZE  (CDR  L)))) 

We  next  define  the  function  that  explores  the  quotation  of  a  term  X  and  collects  the  set  of  variable 
symbols  used  in  it.  If  FLG  is  'LIST*  X  is  considered  as  a  list  of  quotations  instead  of  a  single  quotation. 

Definition . 

(ALL-VARS  FLG  X) 

(IF  (EQUAL  FLG  'LIST*) 

(IF  (NLISTP  X) 

"NIL* 

(UNION  (ALL-VARS  T  (CAR  X)) 

(ALL-VARS  'LIST*  (CDR  X)))) 

(IF  (NLISTP  X) 

(CONS  X  *NIL*) 

(ALL-VARS  'LIST*  (CDR  X)))) 

The  function  MAKE-ALIST1  takes  a  list  of  LIT  ATOMs  and  returns  the  quotation  of  the  alist  in  which 
the  quotation  of  each  symbol  is  bound  to  the  symbol.  That  is,  if  VARS  is  the  quotation  list  of,  say,  A,  B, 
and  C,  then  ( MAKE- ALIST  1  VARS)  is  [(CONS  (CONS  *A*  A)  (CONS  (CONS  *B*  B)  (CONS  (CONS 
*C*  C)  *NIL*)))] 
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Definition. 
CMAKE-ALIST1  VARS) 


(IF  (NLISTP  VARS) 

(EVG  T  •NIL*) 

(CONS  ■CONS’ 

(CONS  (CONS  ’CONS* 

(CONS  (EVO  T  (CAR  VARS)) 

(CONS  (CAR  VARS)  'NIL*))) 

(CONS  (MAKE-ALIST1  (CDR  VARS)) 

•NIL')))) 

DELETE  deletes  the  first  occurrence  of  its  first  argument  from  its  second  argument.  It  is  used  to 
remove  the  'indicial*  variable  of  a  FOR  statement  from  the  list  of  variables  that  occur  in  the  conditional 
and  body  expressions. 


Definition . 

(DELETE  X  J) 

(IF  (NLISTr  L) 

L 

(IF  (EQUAL  X  (CAR  L)) 

(cm  L) 

(CONS  (CAR  L)  (DELETE  X  (CDR  L))))) 

Here  is  the  function  that  constructs  the  alist  for  abbreviated  FORs,  given  the  indicial  variable  symbol, 
the  conditional  expression,  and  the  body. 

Definition. 

(MAKE-ALIST  VAR  WHEN  BODY) 

(MAKE- ALIST  1  (ALPHABETIZE  (DELETE  VAR 

(UNION  (ALL-VARS  T  WHEN) 

(ALL-VARS  T  BODY))))) 

We  finally  define  TRANSLATE.  If  FLG  is  'LIST',  X  is  considered  to  be  a  list  of  s-expressions  to  be 
translated. 


Definition . 

(TRANSLATE  FLG  X) 

(IF  (EQUAL  FLG  'LIST') 

(IF  (NLISTP  X) 

*NIL* 

(FCONS  (TRANSLATE  T  (CAR  X)) 

(TRANSLATE  ‘LIST*  (CDR  X)))) 

(IF  (NLISTP  X) 

(IF  (NUMBER?  X)  (EVG  T  X) 

(IF  (NEGATIVE?  X)  (EVG  T  X) 

(IF  (LITATGH  X) 

(IF  (EQUAL  X  *T«)  (CONS  •TRUE*  'NIL*) 
(IF  (EQUAL  X  'F')  (CONS  'FALSE*  'NIL') 
(IF  (EQUAL  X  'NIL')  (EVG  T  'NIL') 

(IF  (LBGAL-CHAR-OQDE-SEQ  (UNPACK  X))  X 
F)))) 

F))) 

(IF  (NOT  (EQUAL  (CDR  (LAST  X))  'NIL')) 


(IF  (EQUAL  (CAR  X)  •QUOTE*) 

(IF  (AM)  (LISTP  (CDR  X)) 

(EQUAL  (CDR  (CDR  X))  ■NIL*)) 

(EVG  T  (CAR  ((DR  X})) 

F) 

(IF  (OR  (EQUAL  (CAR  X)  ■NIL*) 

(OR  (EQUAL  (CAR  X}  *Ta) 

(EQUAL  (CAR  X}  aF*))) 

F 

(IF  (EQUAL  (CAR  X)  aLICTa) 

(IF  (TRANSLATE  •LIST"  (CDR  X)) 

(IF  OUST?  (CDR  X)) 

(EVG  T  aNILa) 

(MAKE-TREE  ’ODNS* 

(APFQD  (TRANSLATE  'LIST*  (CDR  X)) 

(CONS  (EVG  T  aNILa) 
aNILa)))) 

F) 

(IF  (CAR-CDRP  (CAR  X)) 

(IF  (AM)  (LISTP  (CDR  X)) 

(AND  (NLISTTP  (CDR  (CDR  X))) 

(TRANSLATE  T  (CAR  (CDR  X))))) 

(CAR-CDR-NEST  (GDR  (UNPACK  (CAR  X))) 

(TRANSLATE  T  (CAR  (CDR  X)))) 

F) 

(IF  (EQUAL  (LENGTH  (CDR  X))  (ARITY  (CAR  X))) 

(FCONS  (CAR  X)  (TRANSLATE  "LIST*  (CDR  X))) 

(IF  (EQUAL  (CAR  X)  "FDR") 

(IF  (AB8REVIATED-F0RP  X) 

(FCONS  ■PQRa 

(FCONS  (EVG  T  (ABBREVIATED- FOR-VAR  X)) 

(FCONS  (TRANSLATE  T  (ABBREVIATED- FOR-RANGE  X)) 

(FCONS  (EVG  T  (TRANSLATE  T  (ABBREVIATED-FOR-HHEN  X))) 

(FCONS  (EVG  T  (AB0REVIATED-FDR-OP  X)) 

(FCONS  (EVG  T  (TRANSLATE  T  (ABBREVIATED-FOR-BODY  X))) 

(FCONS  (MAKE-ALIST  (ABBREVIATED-FOR-VAR  X) 

(TRANSLATE  T  (ABBREVIATED-FOR-WHEN  X)) 
(TRANSLATE  T  (ABBREVIATED-FOR-BODY  X))) 

•NIL'))))))) 

F) 

(IF  (AND  (LESSP  2  (LENGTH  (CDR  X))) 

(OR  (EQUAL  (CAR  X)  'AND') 

(OR  (EQUAL  (CAR  X)  •OR') 

(OR  (EQUAL  (CAR  X)  "PLUS1) 

(EQUAL  (CAR  X)  •TIMES*))))) 

(MAKE-TREE  (CAR  X)  (TRANSLATE  "LIST"  (CDR  X))) 

F)))))))))) 

The  implemented  syntax  is  defined  by  the  function  ISYNTAX: 

Definition . 

(ISYNTAX  STREAM)  =  (TRANSLATE  T  (READ  STREAM)) 
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